DevOps Ops Bot

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real server-monitoring skill, but it documents unsafe install shortcuts and can run restart commands on servers.

Review the upstream package before installing. Prefer a pinned npm version or pinned container digest, avoid the curl-to-bash option, protect webhook URLs as secrets, and only enable cron or auto-restart with tightly scoped permissions for specific services.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

External Script Fetching

Low

Category: Supply Chain
Content: npm install -g @gruted/devops-ops-bot # or one-liner curl -fsSL https://raw.githubusercontent.com/gruted/devops-ops-bot/main/install.sh | bash # or Docker docker run --rm ghcr.io/gruted/devops-ops-bot:latest check
Confidence: 97% confidence
Finding: curl -fsSL https://raw.githubusercontent.com/gruted/devops-ops-bot/main/install.sh | bash

Chaining Abuse

High

Category: Tool Misuse
Content: npm install -g @gruted/devops-ops-bot # or one-liner curl -fsSL https://raw.githubusercontent.com/gruted/devops-ops-bot/main/install.sh | bash # or Docker docker run --rm ghcr.io/gruted/devops-ops-bot:latest check
Confidence: 99% confidence
Finding: | bash

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal