ShipGuard

Security checks across static analysis, malware telemetry, and agentic risk

Overview

ShipGuard is a coherent development workflow, but it creates and reuses persistent project memory and can activate on broad code-change requests, so it should be reviewed before installation.

Install this only if you want the assistant to maintain a persistent .dev-workflow directory in your projects and reuse those files as memory in later sessions. Review generated PROJECT.md, lessons, and hard-rules files regularly, keep them under normal code review, and be cautious using this on repositories containing sensitive business logic or client data.

SkillSpector (4)

By NVIDIA

Vague Triggers

High
Confidence: 92%
Finding: Triggering on broad verbs like build, fix, refactor, add, change, or optimize makes accidental activation likely during ordinary conversation. In an agent setting, unintended activation can cause the workflow to start writing files, loading persistent context, or invoking discovery commands in situations where the user did not intend it.

Missing User Warnings

Medium
Confidence: 88%
Finding: The skill states that it maintains a hidden workflow directory and auto-generates project files, but this persistence is not prominently disclosed as an upfront side effect. Silent creation and ongoing modification of project artifacts can leak sensitive project context, create audit noise, and surprise users who expected a stateless assistant interaction.

Missing User Warnings

Medium
Confidence: 94%
Finding: The skill instructs auto-loading of PROJECT.md and lessons files as cross-session memory, but does not clearly warn that this creates persistent contextual carryover across future interactions. Persistent memory can inject stale, sensitive, or attacker-planted instructions into later sessions, increasing the risk of privacy leakage and prompt/context poisoning.

Persistent Context Injection

Medium
Category: Memory Poisoning
Content:

    # ShipGuard — Hard Rules

    This file contains permanent rules that never expire.
    Loaded automatically at session start. Applied before handling any request.

    Format: [Date established] [CR that established it] Rule

Confidence: 88%
Finding: permanent rule

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
