Disinto Factory

Security checks across malware telemetry and agentic risk

Overview

The skill appears coherent for running an autonomous code factory, but it includes broad repo, CI, credential, and container-control steps with some under-scoped destructive and privileged operations.

Install only if you intentionally want an autonomous development factory with access to repositories, CI, local tokens, Docker containers, and optional external mirrors. Run it in an isolated environment, use trusted workloads, review mirror and merge settings, and require human confirmation before branch deletion, state cleanup, hard resets, password resets, or privileged host-network CI changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill recommends closing PRs, deleting branches, removing lock/state files, and running `git reset --hard origin/main` without warning that local changes or debugging artifacts will be irreversibly lost. In an automation/factory context, operators may run these steps routinely, making accidental data loss more likely.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.
