yidun-skill-sec
my-test-skill · v0.0.1 · by
66.0
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 0.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 80.0 | 15% |
| Clickfix | 100.0 | 15% |
| Credential | 60.0 | 15% |
| Twostage | 100.0 | 10% |
| Infrastructure | 10.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.0 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 0
[CRITICAL] Base64 decoding of potentially obfuscated payloads
(line 295)
"value": "eval(base64.b64decode(payload))",
[CRITICAL] Base64 decoding of potentially obfuscated payloads
(line 298)
"context": "eval(base64.b64decode(payload).decode())"
[CRITICAL] Base64 decoding of potentially obfuscated payloads
(line 327)
"value": "base64.b64decode('aGVsbG8=')",
[CRITICAL] Base64 decoding of potentially obfuscated payloads
(line 330)
"context": "exec(base64.b64decode('aGVsbG8=').decode())"
[CRITICAL] Base64 decoding of potentially obfuscated payloads
(line 393)
"evidence": "exec(base64.b64decode('aGVsbG8=').decode())",
[CRITICAL] Environment variable exfiltration to remote server
(line 311)
"value": "os.environ.get('AWS_SECRET_ACCESS_KEY')",
[CRITICAL] Environment variable exfiltration to remote server
(line 314)
"context": "secret = os.environ.get('AWS_SECRET_ACCESS_KEY')"
[HIGH] Shell command execution
(line 159)
| `EXEC_DYNAMIC` | `eval()`, `exec()`, `Function()`, backtick interpolation | +25 |
[HIGH] Shell command execution
(line 291)
"context": "subprocess.run(['rm', '-rf', '/tmp/traces'], shell=True)"
[HIGH] Shell command execution
(line 305)
"context": "os.system('chmod 777 /usr/local/bin/hook')"
[HIGH] Shell command execution
(line 330)
"context": "exec(base64.b64decode('aGVsbG8=').decode())"
[HIGH] Shell command execution
(line 393)
"evidence": "exec(base64.b64decode('aGVsbG8=').decode())",
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 80
[HIGH] Content contains alarming words not in description: jailbreak, malware, override, unrestricted
CLICKFIX — Score: 100
No findings.
INFRASTRUCTURE — Score: 10
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 279)
"value": "http://45.33.32.156/cmd",
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 282)
"context": "urllib.request.urlopen('http://45.33.32.156/cmd')"
[HIGH] Direct IP URL with no domain (likely C2 server)
(line 400)
"evidence": "http://45.33.32.156/cmd",
TWOSTAGE — Score: 100
No findings.
CREDENTIAL — Score: 60
[CRITICAL] SSH key file access or exfiltration
(line 202)
cat.*id_rsa|cat.*\.env|keyring\.get
TYPOSQUAT — Score: 100
No findings.