Olares Files (olares-cli files)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Olares file-management skill with powerful sharing and deletion features that are expected for its purpose, not hidden or deceptive.

Install only if you use Olares and trust olares-cli with your active Olares profile. Treat public links, SMB public shares, deletes, ownership changes, and repository removals as high-impact actions: confirm paths, recipients, passwords, expirations, and network trust before letting an agent run them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The documentation explicitly enables creation of public links and LAN-wide SMB shares but does not include any warning that these actions expose data beyond the owner’s account boundary. In a file-management skill, omission of privacy and exposure cautions can lead users or downstream agents to create broadly accessible shares without understanding that links, passwords, LAN visibility, and recipient forwarding materially increase data-disclosure risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal