GitHub每日热榜前十项目名称和简介获取
Security checks across malware telemetry and agentic risk
Overview
This skill fetches public GitHub trending project information and formats it in Chinese, with no evidence of hidden or harmful behavior.
Install only if you are comfortable with the skill making a live request to GitHub when invoked. It may require Python packages such as requests and beautifulsoup4 to already be available, but it does not request sensitive permissions or handle private data.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.