CodeRabbit Code Review

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate CodeRabbit code-review skill, but it can send code diffs to an external service under a broad autonomous trigger.

Install only if you are comfortable with CodeRabbit receiving code diffs for review. Use it with explicit review requests, narrow the target when possible, check staged and unstaged diffs for secrets first, and authenticate with the minimum required permissions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The manifest description explicitly says the skill should trigger not only on explicit review requests but also autonomously whenever the agent 'thinks a review is needed,' which is an overly broad activation condition. In practice, this can cause unintended invocation of an external code-review workflow that may transmit repository diffs to a third-party API, expanding data exposure and increasing the chance of surprise actions without clear user intent.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal