Security audit

Dev Workflow

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent development workflow helper, but it asks for broad autonomous control over code and GitHub workflows from common development prompts.

Install only if you intentionally want a high-autonomy development orchestrator. Use it in trusted repositories, require explicit confirmation before code changes, test runs, GitHub comments, PR creation, merges, or issue closure, and verify the delegated skills and GitHub credentials are least-privilege.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Severity: High
Confidence: 95%
Finding
The skill advertises extremely broad trigger conditions such as any mention of a new feature, next step, or generic development planning, and then states it should run autonomously and decide what comes next. This creates a real prompt-routing vulnerability: normal developer conversation can unintentionally invoke a powerful orchestrator that performs multi-phase actions, increasing the chance of unauthorized repo changes, issue churn, or excessive autonomous execution.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.