Github Growth Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: track GitHub repository metrics using a GitHub token and local history files.

Use a least-privilege fine-grained GitHub token, preferably supplied through GITHUB_TOKEN rather than setup --token. If you do save the token, understand it is stored locally in plaintext, and set SKILL_DATA_DIR to a directory you control.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill advertises and instructs use of shell execution, network access, environment variables, and file writes, but does not declare permissions. That mismatch undermines user and platform visibility into what the skill can do, especially because it handles credentials and persists data locally.

Session Persistence

Medium

Category: Rogue Agent
Content: **Required:** GitHub Personal Access Token (fine-grained, public repo read-only). ``` Create at: github.com → Settings → Developer settings → Personal access tokens Type: Fine-grained Access: Public repos (read-only) ```
Confidence: 97% confidence
Finding: Create at: github.com → Settings → Developer settings → Personal access tokens Type: Fine-grained Access: Public repos (read-only) ``` Pass via `setup --token <TOKEN>` (saved to `<DATA_DIR>/git

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal