Sg

Security checks across malware telemetry and agentic risk

Overview

This GitHub repository-management skill appears legitimate, but its advertised ability to get or set repository secrets is sensitive and not clearly bounded in the supplied evidence.

Review the skill carefully before installing. Use a GitHub token with the narrowest permissions possible, do not allow it to display secret values in plain text, and require explicit confirmation before creating, changing, or retrieving any secret-related data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill advertises the ability to get and set repository secrets but provides no warning about the sensitivity of secrets, permission requirements, audit implications, or the risk of exposing or overwriting credentials. In an automation-oriented GitHub skill, this omission can normalize high-risk operations and increase the chance that users invoke secret-management actions unsafely or without adequate confirmation.

VirusTotal

No VirusTotal findings

View on VirusTotal