Back to skill

Security audit

Harness Engineering

Security checks across malware telemetry and agentic risk

Overview

This is a coherent coding workflow skill, but it tells agents to commit and push code without a clear approval checkpoint.

Install only if you want an agent-managed engineering workflow that creates persistent `.harness` records. Before use, require manual approval before any `git commit` or `git push`, review the diff and commit message, confirm the target branch and remote, and keep secrets out of generated harness files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill explicitly instructs the agent to perform `git commit + push`, which crosses from workflow guidance into external side-effect execution by modifying and transmitting repository state to a remote. In an agent context, `git push` can publish unreviewed code, secrets, or sensitive history without explicit per-task user authorization, making this materially risky.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Instructing agents to run `git commit + push` without warning the user about local modification and remote transmission creates an unsafe autonomy pattern. Even if intended as normal delivery workflow, it can cause irreversible publication of code or confidential data and bypass the user's expectation of review before external actions.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The SIMPLE workflow says to execute directly without requiring any warning or approval despite possible file/code modifications. This weakens consent and safety boundaries by normalizing autonomous changes, which can still damage local state or introduce unintended edits even if no remote push occurs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.