pain-to-pip-package

Security checks across malware telemetry and agentic risk

Overview

This skill describes a useful automation pipeline, but it can publish generated code to GitHub without clear limits or approval steps.

Review the actual pipeline implementation before using this skill. Run it locally or in dry-run mode first, use a repository-scoped GitHub token with minimal permissions, and require manual approval before any push, package release, or scheduled production run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill explicitly advertises automatic GitHub push/publishing behavior but does not clearly warn users that running the pipeline may modify remote repositories. In an agent or automation context, this can lead to unintended code publication, repository changes, credential use, or disclosure of generated content without informed user consent.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The example command targets production and is presented without any warning that execution may collect external Reddit data, generate code, build packages, and publish artifacts to GitHub. Users may run it as a simple demo and unknowingly trigger network actions, production-side effects, or public release workflows.

VirusTotal

63/63 vendors flagged this skill as clean.
