flomo-crud-skill

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its Flomo memo-automation purpose, but it grants broad control inside a logged-in browser session and includes under-scoped fallback/delete and local-path reporting behaviors that users should review carefully.

Install only if you intend to let an agent operate on your live Flomo account. Use a dedicated browser profile if possible, keep delete/edit actions interactive, do not share install or config paths with the author or third parties, and prefer query-only use unless you need write access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The document explicitly describes a destructive delete fallback using internal Vue component methods without requiring a user-facing confirmation or an explicit pre-delete verification step beyond matching a memo_id. In this skill's context, automation runs against a live logged-in flomo session, so an incorrect target selection, stale page state, or misuse of the fallback could permanently delete user data with little friction or visibility.

VirusTotal

62/62 vendors flagged this skill as clean.
