YoudaoNote OKF Wiki

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed YoudaoNote knowledge-base helper that reads and writes notes for OKF workflows, with expected URL ingest and local export behavior.

Install only if you want an agent to manage a YoudaoNote-backed OKF knowledge base. Expect it to read and write notes in the configured YoudaoNote account, use your YoudaoNote API key through the CLI, fetch URLs you provide for ingest, and write exported bundles to a path you confirm.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 91% confidence
Finding: The skill explicitly instructs the agent to fetch arbitrary external URLs and ingest their contents into the knowledge base. This expands the skill’s effective authority from YoudaoNote note management into unrestricted external content retrieval, which can expose the agent to prompt injection, untrusted data ingestion, and retrieval of sensitive internal resources if URL handling is not tightly constrained.

Context-Inappropriate Capability

Medium

Confidence: 90% confidence
Finding: The export workflow directs the agent to create local directories and write files on the host filesystem, which exceeds the core cloud-note management scope described for the skill. Without strict path validation and user confirmation, this can overwrite user files, place sensitive content in unintended locations, or be abused for broader host-side file manipulation.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal