Security audit

Files.com

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Files.com connector that can read, create, update, and delete Files.com data through OOMOL, with confirmation instructions for write and delete actions.

Install this only if you want an agent to operate your Files.com account through OOMOL. Confirm exact paths and payloads before creating folders, updating metadata, or deleting files, and review the OOMOL/Files.com connection scopes because the skill depends on that connected account rather than local raw tokens.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description says to use this skill for ANY Files.com request, which is an overly broad trigger that can cause the agent to route all Files.com-related tasks through this skill regardless of context. While the skill itself is not overtly malicious, broad invocation increases the chance of unintended use for sensitive or destructive operations and can bypass more context-appropriate handling or user confirmation logic at the selection stage.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal