Git Stats

Security checks across malware telemetry and agentic risk

Overview

This skill locally analyzes Git repositories and may display contributor emails, but the reviewed artifacts show no hidden sending, persistence, or destructive behavior.

Install only if you are comfortable letting the agent run local git commands and read tracked files in repositories you explicitly choose. Treat generated reports as potentially containing personal data, including contributor emails and repository paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding
The skill advertises and instructs use of shell commands and repository file access, but declares no permissions or user-facing constraints. This creates a capability transparency problem: an orchestrator or user may invoke a skill that reads local repositories and executes CLI tooling without explicit disclosure, increasing the risk of unintended data access or command execution in sensitive directories.

Vague Triggers

Medium
Confidence: 84%
Finding
The description uses broad trigger phrases like analyzing a repo, showing git stats, getting contributor info, and visualizing activity patterns, which can match many common developer requests. Over-broad routing can cause the skill to activate in contexts where the user did not intend local repository inspection, leading to unnecessary access to git history, file metadata, and contributor information.

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation states that top contributors are shown with email addresses but does not warn that this exposes personally identifiable information from git history. In shared environments, demos, logs, or automated outputs, contributor emails can be disclosed to unintended recipients, creating privacy and compliance issues.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script collects and prints contributor email addresses from git history in both text and JSON output without any consent prompt, masking, or warning. In many environments commit emails are personal data, and exposing them in reports can leak PII to users, logs, chat transcripts, or downstream systems that did not need full addresses.

VirusTotal

64/64 vendors flagged this skill as clean.