Data Exfiltration
Unauthorized transfer of data from a system to an external destination.
Data exfiltration in skill files occurs when instructions or code cause the AI assistant to send sensitive information—source code, credentials, environment variables—to external servers. This can happen through curl or fetch calls to attacker-controlled URLs, webhook services like ngrok or requestbin, or base64-encoded exfiltration channels.
Skill files that instruct the model to run network requests with user data, or that reference known exfiltration services, pose a critical risk. A compromised SKILL.md could silently leak proprietary code or secrets every time a developer uses the assistant.
skillaudit scans for outbound data-sending patterns: POST requests to non-whitelisted domains, references to webhook and tunneling services, and base64 encoding used for exfiltration. We flag these as critical findings and recommend removal or review.