Yufluentcn B2b Assist

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real cloud B2B quoting helper, but it needs Review because it can send confidential quote details and an API key to a configurable endpoint without a clear confirmation or privacy boundary.

Install only if you are comfortable sending buyer inquiries, pricing, MOQ, lead times, payment terms, and related business details to Yufluent's cloud service. Verify TOKENAPI_BASE_URL points only to a trusted intended endpoint, preferably HTTPS, and avoid using this skill for confidential customer, contract, export-controlled, or regulated information unless you have reviewed the provider's privacy and retention terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Tainted flow: 'url' from os.getenv (line 107, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
    url = skill_run_url(base_url or os.getenv("TOKENAPI_BASE_URL", ""), skill_id)
    try:
        resp = requests.post(
            url,
            json=payload,
            headers={
Confidence: 93%
Finding:
resp = requests.post( url, json=payload, headers={ "Authorization": f"Bearer {key}", "Accept": "application/json",

Tainted flow: 'url' from os.getenv (line 107, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
    url = agent_outcomes_url(base_url or os.getenv("TOKENAPI_BASE_URL", ""))
    try:
        resp = requests.post(
            url,
            json=payload,
            headers={
Confidence: 93%
Finding:
resp = requests.post( url, json=payload, headers={ "Authorization": f"Bearer {key}", "Accept": "application/json",

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The README explicitly states that the skill executes through a cloud Harness and requires an API key, but it does not clearly warn users that inquiry content, pricing, MOQ, lead times, and other potentially sensitive commercial data will be transmitted off-machine. In a B2B quoting context, this omission can cause unintentional disclosure of confidential business information to a third-party service, especially if users assume the skill runs locally.

Vague Triggers

Severity: Medium
Confidence: 73%
Finding:
The trigger phrases are broad business-language terms such as '外贸报价' and 'inquiry reply' that overlap with normal user requests. In an agent ecosystem, ambiguous triggers can cause this cloud-routed skill to activate unexpectedly and send commercially sensitive inquiry content to the vendor service when the user may have intended a local drafting workflow.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The skill repeatedly instructs the agent to send buyer inquiries, pricing terms, MOQ, lead times, and payment terms to a remote endpoint, but it does not prominently warn that sensitive business communications and quotation data leave the local environment. This creates a material confidentiality risk because RFQs and pricing details are often proprietary and may include customer-identifying or export-controlled information.

Missing User Warnings

Severity: Medium
Confidence: 80%
Finding:
This script collects buyer inquiry text and related business details, then sends them to a remote cloud skill via run_skill() without any explicit notice, confirmation, or data-handling disclosure in the CLI flow. In a B2B context, inquiry contents can include commercially sensitive information, customer data, pricing, and terms, so silent transmission can cause confidentiality and compliance issues.

VirusTotal

VirusTotal findings are pending for this skill version.