GitHub Personal Repo Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed GitHub publishing workflow. Its repository, remote, push, and token use is sensitive but aligned with its stated purpose.

Before installing or invoking, confirm that the GitHub owner grey0758, SSH alias github-grey0758, 1Password PAT item, target repository name, and private/public visibility are exactly what you intend. Use it only on a repository whose committed history is safe to upload to GitHub, and check for secrets or proprietary files first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 86%
Finding
The FAQ states that the skill reads a GitHub personal access token from 1Password, but it provides no explicit warning, consent step, or description of how credential access is constrained. In a skill that publishes repositories to a personal GitHub account, silent or underexplained access to stored secrets increases the risk of unexpected credential use, token overreach, or user confusion about what sensitive data the agent will retrieve.

Missing User Warnings

Medium
Confidence: 88%
Finding
The README instructs users to publish a local Git repository to GitHub but does not explicitly warn that pushing will transmit repository contents, history, and possibly sensitive files or secrets to a third-party remote service. In a repo-publishing skill, omission of that warning can cause accidental disclosure if users assume the action is purely local or fail to review what is being pushed.

Missing User Warnings

Medium
Confidence: 84%
Finding
The README references SSH-based access and a 1Password-stored GitHub PAT but does not include guidance on secure credential handling, token scope minimization, or avoiding accidental exposure in shell history, logs, or screenshots. Because this skill is specifically about creating and publishing repositories, users may handle high-privilege credentials during execution, increasing the chance of credential leakage or misuse.

VirusTotal

65/65 vendors flagged this skill as clean.
