Back to skill

Security audit

Git Deployer

Security checks across malware telemetry and agentic risk

Overview

This skill is a real deployment helper, but it can overwrite a Git branch and may reuse an unsafe temporary clone without enough safeguards.

Install only if you intend to use a tool that can overwrite the target Git branch. Before running it, verify the site directory, remote URL, branch, and Git identity; prefer a scoped deploy key and a disposable or validated clone path. Avoid using it on shared or protected branches unless you have a backup and explicitly want history replacement.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The script derives a predictable path under /tmp from the remote URL and reuses any existing directory there without verifying that it is actually the intended repository or even a valid safe git working tree for that remote. This can cause deployment into attacker-controlled or stale local content, leading to unintended file deletion, commits, and force-pushes to the configured remote branch.

Missing User Warnings

High
Confidence
90% confidence
Finding
The script unconditionally force-pushes the target branch, which overwrites remote history without any confirmation or safety gate. In a deployment context this is especially dangerous because any mistake in branch selection, remote selection, or local state can irreversibly replace legitimate content and erase audit/history on the published branch.

VirusTotal

44/44 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.