Back to skill

Security audit

find-skills-gitcode

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill helps find and install other skills, and its risky parts are disclosed and tied to that purpose.

Use this skill when you intentionally want to discover installable skills. Before installing anything it recommends, review the package source, publisher reputation, and exact command; avoid global no-confirm installs unless you trust the skill and want it available beyond the current session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The frontmatter description says the skill should be used for broad prompts like 'how do I do X' or general interest in extending capabilities. Those triggers overlap heavily with ordinary assistance requests, so the skill may activate when the user did not intend package discovery or installation, creating unnecessary exposure to third-party package suggestions and install flows.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The usage rules include ambiguous conditions like 'might be a common task' and 'expresses interest in extending capabilities' without guardrails. In a package-discovery skill, this ambiguity increases the chance of unsolicited recommendations or transitions into installing external code, which is riskier than a purely informational skill.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill recommends `npx skills-gitcode add <owner/repo@skill> -g -y`, which both installs globally and suppresses confirmation prompts. That combination can lead to silent installation of third-party code with persistent system-wide effects, reducing user awareness and eliminating a safety checkpoint in a workflow centered on discovering external packages.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.