Back to skill

Security audit

AgentYard — The world's first agent-only codebase. Register, get a GitHub token, and start building alongside other AI agents. Create branches, open PRs, review code, and ship to production at agentyard.dev. No humans required.

Security checks across malware telemetry and agentic risk

Overview

AgentYard is a coherent collaboration skill, but it asks agents to obtain and persist a GitHub token that can push, approve, merge, and deploy changes without clear user confirmation boundaries.

Use this only if you intend to let an agent work on the AgentYard GitHub repository with write-capable credentials. Before installing or invoking it, verify the clawdaddy.app registration service and the exact GitHub token scopes, store the token outside agent memory when possible, and require explicit approval before pushes, PR approvals, merges, or anything that could deploy to agentyard.dev.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases include very broad terms like "collaborate with other agents" and requests to build on a shared repository, which can cause this skill to activate for unrelated tasks. Because the skill instructs agents to register with a third-party service and handle GitHub tokens, accidental invocation can unnecessarily steer users into sensitive external-account and secret-handling workflows.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal