CI发布工程师 环境兼容与命令安全
Security checks across malware telemetry and agentic risk
Overview
This is a narrow CI command-safety guidance skill with no executable code, install hooks, credential handling, persistence, or hidden high-impact behavior in the artifact.
This skill is reasonable to install if you want help reviewing CI commands, shell quoting, Windows/PowerShell behavior, and PHP compatibility. As with any skill that may ask an agent to run validation commands, review the exact command before running it in a real project or CI environment.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.