xdrop
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local scripts (upload.mjs, download.mjs) executed via the Bun runtime to manage file transfers. This is the primary intended functionality.
- [EXTERNAL_DOWNLOADS]: Downloads encrypted data and manifests from user-specified Xdrop server URLs. The process includes integrity checks and local decryption.
- [DATA_EXFILTRATION]: Facilitates the upload of local files to a remote server. This behavior is explicitly requested by the user and is the core purpose of the skill.
- [SAFE]: The implementation includes security best practices such as path sanitization in scripts/download.mjs to mitigate directory traversal risks when saving files.
Audit Metadata