github-research-assistant

Security checks across malware telemetry and agentic risk

Overview

The only supported concern is broad repo-inspection tool guidance, which fits a repository-analysis skill and is not evidence of hidden or harmful behavior.

Install this if you are comfortable letting the agent inspect the target repository using available tools or CLI commands. Keep use scoped to repositories you intend to analyze, and review any proposed shell command or file mutation before allowing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Context-Inappropriate Capability

Severity: Medium
Confidence: 90%
Finding
The instruction '善用 MCP、tool、skill、CLI 获取仓库信息' (make good use of MCP, tools, skills, and the CLI to obtain repository information) authorizes broad tool usage without limiting actions to read-only inspection of the target repository. In an agent environment, this can lead to overbroad access, command execution, network calls, or interaction with unrelated resources, especially if the model interprets CLI/tool use expansively.

VirusTotal

65/65 vendors flagged this skill as clean.
