Security audit

GitHub AI Trends Reporter

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it queries GitHub for AI repository trends and formats the results, with normal caution around optional GitHub token use.

Install if you are comfortable with the skill making GitHub API requests. It can run without a token; if you use one, prefer a low-scope GitHub token and avoid tokens that expose private repository metadata unless you are comfortable with names and descriptions from accessible repos appearing in chat output.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill instructs the agent to execute a local script that uses network access to query the GitHub API and may read a GitHub token from the environment, yet the skill declares no permissions. This creates a transparency and policy gap: a caller or platform may believe the skill is purely presentational, while it can make outbound requests and access sensitive environment data, increasing the risk of unintended token exposure or unauthorized external communication.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal