Greptile

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent Greptile API wrapper, but its status command can run unintended local code if given crafted repository, branch, or remote text.

Review before installing. Use only trusted repo, branch, and remote values with this version, prefer a fine-grained GitHub token limited to the intended repositories, and index only code you are authorized to share with Greptile.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

High

Confidence: 91% confidence
Finding: The script collects a GitHub token from environment variables or the gh CLI and forwards it to a third-party service in the X-GitHub-Token header without an explicit user-facing warning or scope validation. This is dangerous because a powerful source-control credential is being disclosed to an external API, which increases the blast radius if the service is compromised, logs headers, or users do not realize their GitHub token is being shared.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal