solon-development-skill

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Solon framework reference skill; its risky examples are documentation quality issues, not evidence of hidden or active unsafe behavior.

Safe to install as a Solon reference skill. Treat the security and remoting snippets as examples only: restrict CORS to trusted origins, implement real authorization checks, avoid hardcoded tokens or vault passwords, and sandbox or narrowly scope any AI agent tools such as bash, read, edit, web search, or MCP before using similar patterns in real applications.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Severity: Low
Confidence: 79%
Finding
The filter example hardcodes a token into outbound requests (`inv.headers.put("Token", "Xxx")`), which is an insecure pattern because developers may copy it into production code and embed credentials directly in source. Hardcoded secrets are prone to leakage through repositories, logs, and build artifacts, and the example provides no warning about secure storage or transport.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding
The global filter example repeats the same insecure pattern at a broader scope, automatically attaching a hardcoded authentication token to all outbound requests. Because this is a global interceptor, accidental reuse is more dangerous: it can spread secrets across multiple services and increase the chance of credential exposure or unintended authentication to external endpoints.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The documentation repeatedly demonstrates `@CrossOrigin(origins = "*")` and global `allowedOrigins("*")` settings with no warning or safer alternatives. In a developer skill focused on security guidance, this can normalize permissive CORS as an acceptable default and lead users to expose authenticated or sensitive endpoints cross-origin unintentionally.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The vault section shows a concrete vault password embedded directly in YAML and does not clearly warn against committing decryption secrets to source control. Even though the feature is about encrypting config values, storing the vault password alongside ciphertext defeats much of the protection and may encourage insecure secret-management practices.

Unsafe Defaults

Severity: Medium
Category: Tool Misuse
Content
# Security — Security (authentication/authorization/CORS/encryption)

> Applicable scenarios: cross-origin handling, user authentication, path authorization, role-based permission control.
Confidence: 88%
Finding
CORS/encryption) > Applicable scenarios: cross-origin handling, user authentication, path authorization, role-based permission control. ## CORS — Cross-origin handling Dependency: `solon-web-cors` (already included in `solon-web`) ### Method one: annotate the controller or method (Java) `@CrossOrigin(origins = "*"`

VirusTotal

66/66 vendors flagged this skill as clean.
