qshell-copilot

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Qiniu cloud-storage helper, but users should treat its storage commands and Qiniu keys carefully.

Install this only if you want an assistant to operate qshell against your Qiniu account. Use least-privilege Qiniu keys when possible, avoid pasting secrets into chat, verify qshell from an official source, and review bucket names, object keys, overwrite, move, delete, CDN refresh, and bucket-creation commands before approving them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger text is broad enough to capture generic cloud-file requests such as 'upload this to my bucket' or 'list my cloud files' when Qiniu is only inferred from context. That can cause the agent to invoke a powerful storage-management skill in ambiguous situations, increasing the chance of unintended remote operations, data disclosure, or destructive actions against the wrong provider/account.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill instructs direct entry of AccessKey and SecretKey into a command without warning about credential sensitivity, storage risks, shell history exposure, or safer alternatives. In an agent setting, this can normalize collecting or echoing long-lived secrets into logs, transcripts, terminal history, or tool traces, leading to credential compromise and full access to the user's Qiniu resources.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal