GitHub Action Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward GitHub Actions workflow generator. Users should still review every generated workflow file before committing it and avoid putting secrets in prompts.

Install only if you are comfortable sending the workflow description to OpenAI. Do not paste tokens, credentials, private infrastructure details, or sensitive deployment logic into the prompt. Prefer printing the YAML or writing it to a new file first, then review it like code before committing it, because a GitHub Actions workflow runs with repository permissions and can read repository secrets.
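The "review it like code" step above is easy to skip when the YAML looks plausible. The following is an added example, not code from the skill or from this page, of a small pre-commit reviewer for a generated workflow. It is stdlib only and assumes the plainly indented YAML that generators emit, so it tracks `run:` block scalars by indentation instead of parsing the document; the sample workflow, the rule names and the placeholder commit SHA are constructed for the example.

```python
"""Line-based pre-commit review of a generated GitHub Actions workflow.

Added example (not the skill's own code). Stdlib only; assumes plainly
indented YAML, so 'run:' block scalars are tracked by indentation rather
than by a YAML parser.
"""
import re

SHA_RE = re.compile(r"^[0-9a-f]{40}$")
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
RUN_RE = re.compile(r"^(\s*)(-\s+)?run:")
WRITE_ALL_RE = re.compile(r"^\s*permissions:\s*write-all\b")
PRT_RE = re.compile(r"\bpull_request_target\b")
PR_HEAD_REF_RE = re.compile(r"^\s*ref:\s*\$\{\{\s*github\.event\.pull_request\.head")
UNTRUSTED_CONTEXT_RE = re.compile(r"\$\{\{\s*github\.(event\.|head_ref)")
SECRET_IN_RUN_RE = re.compile(r"\$\{\{\s*secrets\.")

# Constructed sample of what a careless generator might hand back.
# The setup-node SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on:
  pull_request_target:
permissions: write-all
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - name: Greet
        run: |
          echo "Hello ${{ github.event.pull_request.title }}"
          echo "token=${{ secrets.DEPLOY_TOKEN }}"
      - run: npm test
"""


def _finding(n, rule, detail):
    return {"line": n, "rule": rule, "detail": detail}


def review_workflow(text):
    """Return [{'line', 'rule', 'detail'}] for risky constructs, in file order."""
    findings = []
    run_indent = None   # column of the 'run' key while inside its block scalar
    uses_prt = False    # workflow is triggered by pull_request_target

    for n, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank and comment lines do not end a block scalar
        indent = len(line) - len(line.lstrip(" "))

        m = RUN_RE.match(line)
        if m:
            run_indent = len(m.group(1)) + len(m.group(2) or "")
            in_run = True
        elif run_indent is not None and indent > run_indent:
            in_run = True
        else:
            run_indent, in_run = None, False

        if in_run:
            # Shell text: these lines execute on the runner with the job's secrets.
            if UNTRUSTED_CONTEXT_RE.search(line):
                findings.append(_finding(n, "script-injection",
                                "untrusted github context expanded inside a shell command"))
            if SECRET_IN_RUN_RE.search(line):
                findings.append(_finding(n, "secret-in-run",
                                "secret interpolated into a shell command; pass it via env: instead"))
            continue

        if PRT_RE.search(line):
            uses_prt = True
            findings.append(_finding(n, "pull_request_target",
                            "runs with repository secrets for pull requests from forks"))
        if WRITE_ALL_RE.match(line):
            findings.append(_finding(n, "write-all-permissions",
                            "GITHUB_TOKEN granted write access to every scope"))
        if uses_prt and PR_HEAD_REF_RE.match(line):
            findings.append(_finding(n, "untrusted-checkout",
                            "fork PR head checked out in a privileged workflow"))
        um = USES_RE.match(line)
        if um and not um.group(1).startswith(("./", "docker://")):
            ref = um.group(1).partition("@")[2]
            if not SHA_RE.match(ref):
                findings.append(_finding(n, "unpinned-action",
                                f"{um.group(1)} is not pinned to a full commit SHA"))
    return findings


if __name__ == "__main__":
    for f in review_workflow(SAMPLE_WORKFLOW):
        print(f"line {f['line']}: {f['rule']}: {f['detail']}")
```

Run it over the file the skill produced before `git add`; an empty result is a starting point for human review, not a clearance, since the checks are pattern-based and cover only the constructs listed in the regexes.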

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The function sends raw user-provided workflow descriptions to the OpenAI API, which is a third-party network service. If users include proprietary CI details, internal repository structure, secrets, or deployment logic in the prompt, that data is exfiltrated outside the local environment without any visible notice, consent flow, or input filtering in this code.

Missing User Warnings

Medium
Confidence: 90%
Finding
The function sends raw user-provided workflow descriptions to an external LLM API with no indication of notice, consent, redaction, or data handling controls. In a CI setup skill, users may paste internal repository details, secrets, infrastructure names, or pipeline logic, so transmitting that text off-platform can create confidentiality and compliance risk.
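Both findings describe the same gap: the prompt goes to the third-party API with no redaction and no consent step. The following is an added example, not the skill's code, of the control that would close it: a screen that runs before the network call, blocks the request when the description contains credential-looking tokens or internal host names, and only ever forwards a redacted copy once the user has confirmed. The pattern list, the `<redacted:...>` placeholders, the decision values and the sample prompt are constructed for the example; the AWS key in the sample is the documented example key, and the GitHub token is a dummy string of the right length.

```python
"""Pre-send screen for text that is about to leave for an external LLM API.

Added example (not the skill's own code). Patterns are illustrative and
deliberately narrow: the point is the gate, not a complete secret scanner.
"""
import re

# Earlier entries win when two patterns overlap the same text.
SECRET_PATTERNS = [
    ("private-key", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
    ("github-token", re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b")),
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("credential-assignment",
     re.compile(r"(?i)\b(password|passwd|secret|token|api[_-]?key)\s*[:=]\s*['\"]?[^\s'\"]{8,}")),
    ("internal-host", re.compile(r"\b[a-z0-9.-]+\.(internal|corp|local)\b")),
]

# Constructed sample prompt: the kind of text the findings warn about.
SAMPLE_PROMPT = (
    "Create a workflow that deploys to deploy-01.corp on push to main.\n"
    "Use AWS key AKIAIOSFODNN7EXAMPLE and token=ghp_" + "A" * 36 + " for the registry.\n"
    "Run the integration tests afterwards.\n"
)


def screen_prompt(text):
    """Return (redacted_text, hits); hits is [(label, matched_text)] in text order."""
    spans = []  # (start, end, label), kept non-overlapping
    for label, pat in SECRET_PATTERNS:
        for m in pat.finditer(text):
            if any(m.start() < e and s < m.end() for s, e, _ in spans):
                continue  # a higher-priority pattern already claimed this text
            spans.append((m.start(), m.end(), label))
    spans.sort()

    out, hits, pos = [], [], 0
    for s, e, label in spans:
        out.append(text[pos:s])
        out.append(f"<redacted:{label}>")
        hits.append((label, text[s:e]))
        pos = e
    out.append(text[pos:])
    return "".join(out), hits


def guard_prompt(text, user_confirmed=False):
    """Decide what may be sent to the third-party model.

    Clean text is sent as-is. Text with hits is blocked until the user has seen
    the hits and confirmed; even then only the redacted copy leaves the machine.
    """
    redacted, hits = screen_prompt(text)
    if not hits:
        return {"action": "send", "prompt": text, "hits": []}
    if not user_confirmed:
        return {"action": "block", "prompt": None, "hits": hits}
    return {"action": "send-redacted", "prompt": redacted, "hits": hits}


if __name__ == "__main__":
    first = guard_prompt(SAMPLE_PROMPT)
    print(first["action"])
    for label, matched in first["hits"]:
        print(f"  {label}: {matched[:12]}...")
    print(guard_prompt(SAMPLE_PROMPT, user_confirmed=True)["prompt"])
```

The gate belongs on the client side, in front of the API call, because the remote service cannot be relied on to discard what it receives. Overlap handling matters: `token=ghp_...` is claimed by the specific GitHub-token pattern so the generic assignment rule does not swallow the label, and the redacted copy keeps the surrounding words so the model still gets a usable description.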

VirusTotal

40/40 vendors flagged this skill as clean.

View on VirusTotal