cloud-storage-web
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): Automated security scanners identified the malicious URL `file.co` associated with this skill's content. Blacklisted domains pose a severe risk of malware delivery or malicious script execution.
- PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection.
  - Ingestion points: The skill processes `filePath` via `fileInput.files[0]`, which constitutes untrusted external content provided by the user/browser.
  - Boundary markers: Absent. The skill provides no instructions for the agent to use delimiters or to ignore instructions that might be embedded in file metadata (like filenames) or file content.
  - Capability inventory: The skill provides direct implementation for `uploadFile`, `deleteFile`, and `getTempFileURL`, giving the agent significant write and management access to cloud storage.
  - Sanitization: While the 'Best Practices' section mentions validating file types, the provided code snippets do not implement any sanitization or validation logic, leaving the implementation vulnerable to manipulation.
- DATA_EXFILTRATION (MEDIUM): The functionality to generate temporary download URLs (`getTempFileURL`) could be exploited to exfiltrate private cloud data to unauthorized parties if the agent's logic is subverted through the injection surface.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill depends on the `@cloudbase/js-sdk` package. Since this package and its organization (Tencent) are not within the defined 'Trusted GitHub Organizations', it is classified as an unverifiable dependency.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata