Doctor Nexus Filesystem

Security checks across malware telemetry and agentic risk

Overview

This is a plain filesystem command reference with disclosed file search and batch edit/delete examples, so it is usable but should be run carefully.

Install only if you want an agent to use shell-style filesystem workflows. Before running any copy, move, delete, rename, or sed replacement command, review the exact path and file list, keep operations scoped to the intended project directory, and avoid system or private directories unless you explicitly intend to modify them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The skill advertises very broad filesystem capabilities including search, batch processing, copy/move/delete, and directory analysis with few constraints on scope, paths, or safety gates. In an agent context, this can cause over-invocation or unsafe use on sensitive directories, increasing the chance of destructive or privacy-impacting actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal