Fix Plan

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed task-tracker management helper that edits planning files and checks GitHub state, with no evidence of hidden or malicious behavior.

Install this if you want an agent to maintain fix_plan.md or checklist.md for you. Be aware it is designed to change those files automatically based on GitHub PR/issue state and to archive/delete completed issue-draft tracker entries, so review the resulting diff when using sync or issue-draft cleanup.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill explicitly instructs automatic modification of `fix_plan` content based on external GitHub state, but it does not require an explicit user confirmation or prominent warning that local planning data will be changed. This creates a real integrity risk: an agent could alter project-tracking artifacts unexpectedly, including converting items to completed or blocked states based on ambiguous references or stale external data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal