HTTP Retry Circuit Breaker

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward HTTP retry and circuit-breaker utility, with the main caution that retries can repeat requests that change data.

Reasonable to install for HTTP resilience use cases. Use extra care with payments, account changes, publishing, deletes, or any POST/PUT/PATCH-style operation: prefer idempotency keys, limit retries to safe methods where possible, and avoid sending sensitive data to endpoints you do not trust.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly promotes automatic HTTP retries to external services but does not warn users that retries can retransmit data multiple times, potentially increasing unintended data disclosure or duplicate side effects. In a reusable skill, this omission is security-relevant because users may apply it to non-idempotent or sensitive requests without realizing the transmission and privacy implications.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal