@kanyun/rush-reskill-usage

Security checks across malware telemetry and agentic risk

Overview

This is a transparent usage guide for the reskill skill package manager; its risks are normal package-manager and credential-handling risks rather than hidden or malicious behavior.

Install this only if you want an agent to help manage skills through reskill. Before approving commands, confirm the target registry, skill source, version, and whether global, all-agent, force, update, publish, or --yes behavior is intended. Treat login tokens as sensitive and prefer environment variables or interactive handling where possible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill recommends `npx reskill@latest` as a fallback, which downloads and executes the latest remote package version at runtime. That creates a supply-chain risk because behavior can change without review, and a compromised package or publisher account could execute attacker-controlled code on the user's machine.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The authentication section instructs users to pass tokens on the command line and notes storage in `~/.reskillrc`, but does not warn about credential exposure risks. Tokens supplied via CLI may be captured in shell history or process listings, and locally stored credentials need permissions and handling guidance.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal