Review Pr

Security checks across malware telemetry and agentic risk

Overview

This skill fits its PR-review purpose, but it can publish a Gitee PR comment through the user's MCP account without first requiring approval.

Install only if you are comfortable letting the skill use your configured Gitee MCP account to read pull request data and post review comments. Ask the agent to draft the review in chat first, confirm the exact repository and PR number, and approve the final text before allowing `comment_pull`.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill directs the agent to use `comment_pull` to post review results to the PR, but it does not clearly require user confirmation before performing this externally visible write action. In practice, this can cause unintended public or team-visible comments, potentially disclosing internal analysis, mistaken findings, or sensitive context gathered during review.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal