Back to skill

Security audit

Smart Commit

Security checks across malware telemetry and agentic risk

Overview

This appears to be a development-writing skill with minor activation and language-selection concerns, but no evidence of hidden, destructive, or credential-stealing behavior.

Install is reasonable if you want help drafting commit messages or PR descriptions. Be explicit about when you want the skill to analyze a diff or repository context, and specify the desired output language when that matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The README advertises broad natural-language trigger examples such as requests to 'write a commit message' or 'generate PR description', which can overlap with ordinary conversation and cause the skill to activate unintentionally. In an agent setting, over-broad activation increases the chance that unrelated user content, pasted diffs, or sensitive repository context is processed when the user did not explicitly intend to invoke this capability.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
The skill states it will automatically detect project language and choose Chinese or English without explicit user opt-in. While not severe by itself, automatic language inference can lead to unintended analysis of repository content or metadata and may produce outputs in a language the user did not request, creating privacy, compliance, or workflow issues in enterprise environments.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill’s invocation conditions include broad everyday terms such as "commit", "提交", and related phrasing, which can cause the agent to activate in contexts where the user did not actually intend to use this skill. Mis-triggering is risky because the skill encourages repository-aware actions and analysis of diffs/logs, potentially steering the conversation toward unnecessary codebase inspection or git command suggestions.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
Automatically choosing output language based on project README/comments rather than explicit user preference can produce responses in an unexpected language and reduce user control. In a multi-language repository or mixed-language environment, this may cause confusion, incorrect assumptions about audience, or PR/commit text that is unsuitable for the intended reviewers.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.