Back to skill

Security audit

GitHub Reader

Security checks across malware telemetry and agentic risk

Overview

This skill transparently analyzes explicitly named GitHub repositories through GitHub's API and stores a local cache; the network and cache behavior fit its purpose.

Install this only if you are comfortable sending the repository names you ask it to analyze to GitHub's API and caching the resulting report locally. Avoid using it for sensitive private repository identifiers in environments where even the repo name should not be disclosed to GitHub API logs or local cache files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
78% confidence
Finding
The skill performs outbound requests to the GitHub API before any explicit user-facing notice or consent in the execution path. While the transmission target is a legitimate first-party service for the stated function, undisclosed network transmission can violate privacy expectations and organizational policy, especially when user prompts may contain private repository identifiers.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.