Back to skill

Security audit

Ftp Sync

Security checks across malware telemetry and agentic risk

Overview

The skill is not clearly malicious, but it gives risky server-sync guidance involving privileged credentials while its actual sync features are incomplete.

Review carefully before installing. Do not rely on this skill for real backup, deployment, or remote synchronization unless the implementation is completed and tested. Avoid placing real passwords in command lines; prefer key-based or prompted authentication, least-privilege server accounts, dry-run/diff checks, and verified target paths before any production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The triggers are broad, generic phrases like '文件同步' and '服务器同步' that could match many normal user requests and invoke a skill capable of changing remote files. In a file-transfer skill, unintended invocation is more dangerous because upload/download/sync actions can modify or overwrite production server content.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation presents remote synchronization as straightforward but omits warnings about overwrite, deletion, directionality mistakes, and production-impact risks. In server-maintenance contexts, a user can easily push the wrong directory or pull over local data, causing service disruption or irreversible data loss.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The examples embed plaintext passwords directly in CLI commands without warning that shell history, process listings, logs, screenshots, or copied documentation can expose credentials. This is especially risky for FTP/SFTP administration workflows because the same credentials may grant broad access to production servers.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.