Coding Sessions

Security checks across malware telemetry and agentic risk

Overview

This is a transparent guide for running coding agents in long-lived tmux sessions; it is powerful and needs care, but the behavior matches the stated purpose.

Install only if you intentionally want to run autonomous coding agents in the selected repository. Use a disposable branch, worktree, or container for risky tasks, keep secrets out of scope, monitor tmux sessions, stop them when done, and review git diffs, logs, and tests before accepting any changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly recommends launching autonomous coding agents with `codex exec --full-auto` inside long-lived tmux sessions, which enables unattended code modification and command execution without adding guardrails, approval steps, or warnings about repository impact. The persistence and backgrounding make this more dangerous because changes can continue after the user disengages, reducing oversight and increasing the chance of unintended or unsafe modifications.

VirusTotal

64/64 vendors flagged this skill as clean.