desktop-bridge
Audited by Socket on Feb 18, 2026
2 alerts found:
Obfuscated File
Malware

No evidence of covert malware or backdoor behavior in this script. The primary security concern is its intended functionality: it deliberately exposes a local filesystem directory to the public internet and persists plaintext credentials and workspace metadata to a runtime directory (defaulting to temp). This is a high-impact operational risk if misused or if the tunnel URL or runtime files are exposed. Treat the tool as powerful but potentially dangerous — verify binaries, protect the runtime directory, and only serve directories you intend to publish.

[Skill Scanner] Natural language instruction to download and install from URL detected

All findings:
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Reference to external script with install/setup context (SC005)
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

The skill's manifest and instructions are consistent with its stated purpose: running a WebDAV bridge using rclone and Cloudflare Tunnel. I found no direct indicators of malware or obfuscation in the provided content. The main security concern is the high-impact capability: exposing arbitrary local files over a public tunnel. That capability is legitimate for a remote-file-access tool but requires strong operational safeguards (secure credential handling, explicit warnings, short tunnel lifetime, strong passwords, and clear instructions to stop the bridge). Because the actual shell scripts were not included, I cannot rule out insecure handling of credentials or unintended logging. Recommend manual review of start.sh/stop.sh/status.sh to ensure credentials are not saved in plaintext, the server binds to localhost only, and cloudflared is invoked with least-privilege options.

LLM verification: The skill's documented purpose and requested capabilities are consistent with exposing a workspace via WebDAV through a Cloudflare Tunnel.
There is no clear evidence of intentional malicious behavior in the provided SKILL.md itself. However there are notable security concerns: the documentation recommends a pipe-to-shell installer (curl | bash), encourages printing and sharing credentials, and exposes arbitrary filesystem paths over a public tunnel — all of which increase the risk of accidental