Auto Glossary

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about maintaining a glossary, but it can automatically edit, commit, and push to a GitHub repository from broad coding-session triggers without a clear approval step.

Install only if you are comfortable with the agent updating and pushing to the configured tech-glossary repository during coding sessions. Prefer requiring the agent to show proposed terms first, review local edits before commit, and approve any git push explicitly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger conditions are broad enough that the skill may activate during ordinary coding discussions whenever technical terminology appears, even without a clear user request to update the glossary. Because the skill is designed to make persistent changes to an external GitHub repository, unintended activation can lead to unwanted commits, noisy repo changes, and accidental disclosure of work-context terminology.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the agent to modify, commit, and push changes to a GitHub repository without an upfront warning or explicit approval gate. This creates a real risk of unauthorized or surprising external side effects, including repository pollution, accidental leakage of sensitive project terms, and irreversible remote updates if the skill triggers automatically.

VirusTotal

No VirusTotal findings
