NAS Agent Sync

Security checks across malware telemetry and agentic risk

Overview

This skill has a legitimate NAS file-sharing purpose, but it gives one agent broad SSH-mediated file access and scheduled memory backups without enough boundaries or data-safety guidance.

Install only if you are comfortable letting one agent mediate NAS access for other agents. Use a restricted NAS account limited to the intended directories, define which agents may read or write each area, validate and quote paths, exclude secrets from memory backups, use encryption and retention limits, and enable the cron backup only after those controls are in place.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The backup guidance instructs copying agent workspace memory to a NAS, which can include secrets, credentials, personal data, chat history, or other sensitive artifacts, but it does not warn users to classify, minimize, or encrypt that data first. In a multi-agent shared-storage design, centralizing these backups increases the blast radius of any NAS compromise or misconfiguration.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal