ci-cd-watchdog

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only CI/CD troubleshooting skill that analyzes user-provided logs and gives repair or rollback advice, with no executable code or hidden persistence.

Safe to install as an advisory skill, but do not paste unredacted CI logs containing secrets. Treat generated commands as suggestions: verify paths, commits, environment assumptions, and use staging, dry-run, or normal change approval before applying fixes or rollbacks in production.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill is defined very broadly as an intelligent CI/CD operations assistant that parses logs, identifies root causes, and generates remediation and rollback instructions, but it does not constrain when it should refuse, what environments are in scope, or what unsafe outputs must be excluded. In a CI/CD context, unconstrained advice can lead to generation of risky operational guidance such as destructive rollback steps, unsafe secret handling, or inappropriate production actions based on incomplete log snippets.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal