Back to skill

Security audit

Dataecho

Security checks across malware telemetry and agentic risk

Overview

DataEcho is a coherent deployment and cloud-drive skill, but it needs Review because it uses unpinned remote install scripts and broad trigger language that could upload files to a third-party service without clear confirmation.

Install only if you intend to use DataEcho as an external hosting/storage provider. Before running it, inspect or manually download any install scripts instead of piping remote code directly to a shell, confirm the exact files or folders being uploaded, and avoid publishing credentials, private documents, proprietary code, or regulated data unless you have approval. Manage ~/.artifact credentials and DataEcho Drive share tokens as sensitive secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs users to execute remote scripts directly via `curl ... | bash` and `irm ... | iex`, which bypasses review of downloaded code and gives the remote server immediate code execution on the host. In an agent-skill context this is especially risky because the skill may normalize arbitrary shell execution as part of routine publishing, extending beyond the core business need of uploading files.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation description is broad enough to trigger on generic requests to 'share', 'store', 'publish', or 'put online', which can cause an agent to route sensitive files or app artifacts to this third-party platform without sufficiently specific user intent. In context, the skill is designed for external deployment and cloud storage, so over-triggering materially increases the chance of unintended data disclosure.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill advertises publishing and Drive storage but does not prominently warn that user files, sites, application code, and handoff data are uploaded to an external third-party service. In this context, that omission is dangerous because the skill targets exactly the kinds of operations that may involve proprietary code, credentials, documents, or persistent agent memory.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.