Ai Intelligent Backup Automation

Security checks across malware telemetry and agentic risk

Overview

This backup skill is purpose-aligned but needs review because it points users to run external, unreviewed code for broad backup and restore automation without clear safety limits.

Review the external repository and Python dependencies before running it. Use a limited-permission test environment first, define exactly what data may be backed up and where it may be stored, and require explicit confirmation before any restore or scheduled operation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The skill description is broad and generic, covering backup, restore testing, cloud, and local scenarios without clearly defining scope, safeguards, or operational boundaries. This can cause an agent to invoke the skill in situations involving sensitive or production data where backup or restore actions may have significant side effects.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: Backup and especially restore operations can overwrite data, consume storage, trigger service disruption, or expose sensitive information, yet the markdown provides no warning or approval requirement. In an agent setting, omission of these warnings increases the chance of destructive or privacy-impacting actions being taken automatically or without informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal