Back to skill

Security audit

Xdrop

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Xdrop file-transfer helper; its file and network access match its stated purpose, but users should be careful about what they upload and which server they use.

Install this only if you intend to use Xdrop from the terminal. Before uploading, verify the exact files or directories and the server/API URL. Treat full share links containing #k= as secrets, and download untrusted transfers into a fresh directory so you can inspect the files before using them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The activation description is broad enough to match many ordinary file-transfer, download, and CLI-flag questions, which can cause the skill to activate in contexts the user did not explicitly intend. Because this skill performs network transfers and local file operations, over-triggering increases the chance of unnecessary exposure of local data or unintended interaction with external Xdrop servers.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to upload local files/directories and download/decrypt remote content with filesystem and network access, but it does not require an explicit warning or confirmation about privacy, destination server trust, or the sensitivity of transferred data. In an agent setting, this can lead to accidental exfiltration of local files or retrieval of untrusted remote content without the user appreciating the security and privacy implications.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/download.mjs:102

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/upload.mjs:191