清空废纸篓

Security checks across malware telemetry and agentic risk

Overview

The skill is meant to empty the trash, but it grants permanent deletion authority and explicitly skips a final confirmation.

Install only if you are comfortable with an agent permanently emptying your trash when invoked. Before use, inspect the trash contents yourself and require an explicit final confirmation before any rm, osascript, or PowerShell deletion command runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: The skill performs an irreversible destructive action but explicitly states that no second confirmation is needed, which increases the chance of accidental data loss. In this context, the action is the intended purpose of the skill, so the issue is not hidden malware but unsafe UX/security design around a high-risk operation.

Tool Parameter Abuse

High

Category: Tool Misuse
Content: ### Linux（自动检测） ```bash rm -rf ~/.local/share/Trash/* ``` ### Windows（自动检测）
Confidence: 83% confidence
Finding: rm -rf ~

Tool Parameter Abuse

High

Category: Tool Misuse
Content: ### Linux（自动检测） ```bash rm -rf ~/.local/share/Trash/* ``` ### Windows（自动检测）
Confidence: 83% confidence
Finding: rm -rf ~/.local/share/Trash/

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal