Security audit

Fnnas Fpk Development

Security checks across malware telemetry and agentic risk

Overview

This is a coherent FNNAS/fnOS FPK development reference skill with disclosed build and install guidance, but users should vet copied code examples and optional third-party tooling.

Install this as a development reference skill if you work on FNNAS/fnOS FPK apps. Before running commands it suggests, confirm the target NAS and app context, avoid root privileges unless truly required, vet the optional third-party UI npm tool separately, and review copied shell/CGI examples for production security.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (3)

Context-Inappropriate Capability

Low

Confidence: 93% confidence
Finding: The skill injects guidance for an unrelated third-party UI tool and external GitHub resource that is outside the declared FNNAS FPK documentation flow. In an agent skill, this expands the trusted execution and supply-chain surface: the agent may recommend installing npm packages or following external instructions not covered by the official references, which can lead users to unvetted code or dependency compromise.

Intent-Code Divergence

Medium

Confidence: 98% confidence
Finding: The documented CGI example claims to block path traversal by rejecting '..' in the final path string, but it concatenates BASE_PATH with a user-derived path before canonicalization. Inputs using encoded traversal, normalization quirks, or crafted paths can bypass this check and allow reading files outside the intended web root, which is especially dangerous because the example is presented as recommended code for developers to copy.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The trigger conditions are broad keyword-based phrases that can activate the skill for many loosely related conversations about packaging, manifests, or app tools. Overbroad activation increases the chance the agent applies this skill in the wrong context, causing unsafe or irrelevant build, install, or external-reference guidance to be surfaced when not appropriate.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal