Dir Text Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed directory text-search tool; its main risk is that matched lines are saved to local result files.

Install only if you want an agent to search local directories and archives. Run it on specific folders, not an entire home directory, and remember that matching lines are copied into plaintext result files that you may need to delete later if they contain secrets or personal data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 90% confidence
Finding: The tool writes all matched lines to a timestamped file on disk by default, which can persist sensitive data such as credentials, tokens, secrets, or personal information from the searched corpus. In a security-search context this increases data exposure risk because users may expect transient search output, not creation of a secondary plaintext archive of findings.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The trigger language is broad enough to match generic search-related requests, which can cause the skill to activate in situations the user did not intend. In an agent setting, overbroad invocation can lead to unnecessary directory scanning, archive extraction, and exposure of sensitive local data beyond the user's actual request scope.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal