Back to skill

Security audit

Git Commit Helper Pro

Security checks across malware telemetry and agentic risk

Overview

This appears to be a Git commit-message helper whose access to repository changes is expected, with some caution around broad trigger wording.

Install only if you are comfortable with the skill reading Git status and diffs to draft commit messages. Invoke it explicitly, review any generated message before use, and avoid running it on changes that contain secrets or sensitive private data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example trigger '帮我生成 commit message' is a broad, natural-language phrase that could be invoked unintentionally in normal conversation. For an agent skill, overly generic triggers increase the chance of accidental activation and unintended access to repository context or git state.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad natural-language requests such as asking to generate a commit message or analyze current changes, which are common developer interactions and can easily overlap with ordinary conversation. This can cause unintended activation in contexts where the user did not explicitly invoke the skill, leading the agent to inspect repository state or diffs unexpectedly and increasing the risk of prompt/skill hijacking through ambient context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
index.js:73