Forgejo

Security checks across malware telemetry and agentic risk

Overview

This Forgejo helper is coherent and not deceptive, but it should be reviewed because it gives an agent broad Forgejo CLI/API access and includes secret-listing and token-login examples without safety limits.

Install only if you want the agent to operate Forgejo through tea. Use a dedicated least-privilege token, avoid admin or organization-wide scopes where possible, and require explicit confirmation before any Actions, secret/variable, raw API, write, merge, delete, or administrative command. Do not paste or expose token values or secret-related output in chats or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly documents commands to list repository secrets and to add a Forgejo login using a token on the command line, but provides no warning about sensitive data handling, least-privilege tokens, shell history exposure, or authorization requirements. In an agent context, this can normalize secret enumeration and encourage unsafe token usage, increasing the chance of credential leakage or unauthorized access to CI/CD secrets.

VirusTotal

64/64 vendors flagged this skill as clean.
