Nm Egregore Quality Gate

Security checks across malware telemetry and agentic risk

Overview

This quality-gate skill is mostly coherent, but it can make persistent git and GitHub review changes after broad triggers such as “review” or “quality.”

Install only if you want an egregore-specific quality pipeline that may commit fixes and post live GitHub PR reviews. Prefer using it with explicit mode and PR number, and review proposed GitHub actions before allowing the agent to run them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger list includes generic terms such as "review," "quality," and the phrase "running quality checks before a PR," which are likely to match ordinary user requests and cause this skill to activate unexpectedly. Because this skill can orchestrate other skills, run git/CLI workflows, and in PR-review mode post GitHub reviews, overly broad activation increases the chance of unintended side effects from ambiguous prompts.

Missing User Warnings

Medium
Confidence: 95%
Finding
The PR-review workflow explicitly performs external side effects by posting GitHub reviews and inline comments via `gh api`, but the skill description and usage guidance do not prominently warn users that invoking PR-review mode will write to GitHub. This can lead to accidental approval, comment spam, or unintended REQUEST_CHANGES actions on live repositories when a user expects only local analysis.

VirusTotal

64/64 vendors flagged this skill as clean.
