dify-code-interpreter

Security checks across malware telemetry and agentic risk

Overview

This documentation-only Dify code-explanation skill is coherent, but it includes a live-looking Dify API key as a default value, so it should be reviewed before installation.

Install only after replacing the embedded Dify key with your own trusted credential and endpoint. The publisher should revoke or rotate the exposed key and update the documentation to use a placeholder or environment variable. Avoid submitting proprietary code or secrets unless you trust the Dify deployment and its retention/access controls.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Ssd 3

High

Confidence: 99% confidence
Finding: The skill documentation contains what appears to be a concrete API key value in plain text, which can lead users to reuse or trust an exposed credential and may indicate that a real secret was committed to the repository. If valid, an attacker could use the key to access the associated Dify application, consume resources, query private knowledge bases, or interact with protected workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal