Back to skill

Security audit

Upload files to catbox.moe (permanent) or litterbox.catbox.moe (temporary).

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it uploads a user-selected file to Catbox or Litterbox and returns a hosted URL.

Install only if you are comfortable sending chosen files to Catbox or Litterbox. Do not upload secrets, private documents, credentials, or regulated data; prefer Litterbox for temporary sharing, and treat any Catbox userhash as sensitive account-linked information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs users to upload files to catbox.moe or litterbox.catbox.moe but does not clearly warn that files are being transmitted to external third-party hosting services. This can cause users to unknowingly exfiltrate sensitive, proprietary, or regulated data outside their organization, especially because the description presents the upload workflow as straightforward and preferred without any privacy or data-handling caution.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This script unconditionally uploads the provided file to a third-party service, which can disclose sensitive local data if the user supplies the wrong file or does not fully appreciate that the destination is a public external host. In a skill or agent context, this is more dangerous because the code facilitates exfiltration of arbitrary file contents off-system without any explicit confirmation, sensitivity checks, or warning beyond a generic description.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The script accepts a Catbox userhash and transmits it to the remote API without any warning that it is credential-like data tied to an account. In an agent skill context, handling secrets via command-line arguments is riskier because such values may be exposed in shell history, process listings, logs, or orchestration traces, enabling unauthorized use of the associated account.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
Confidence
96% confidence
Finding
requests>=2.31.0

Known Vulnerable Dependency: requests==2.31.0 — 5 advisory(ies): CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi); CVE-2026-25645 (Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility func) +2 more

Medium
Category
Supply Chain
Confidence
91% confidence
Finding
requests==2.31.0

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.