Asana Git Retex

Security checks across malware telemetry and agentic risk

Overview

This is a narrow Asana/Git workflow note, but it gives unsafe instructions for storing live GitHub and Asana tokens.

Review before installing. The skill is not malicious and does not contain executable code, but do not follow the token-storage commands as written. Prefer Git credential helpers, SSH deploy keys, GitHub CLI auth, or short-lived tokens, and retrieve Asana credentials just-in-time from 1Password or another secret manager instead of writing them to a plaintext file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The skill explicitly instructs writing a live Asana token from 1Password into a local plaintext file under ~/.config/tokens. This increases the chance of credential disclosure through weak filesystem permissions, backups, shell history, or accidental inclusion in logs and makes the automation depend on long-lived static secrets stored on disk.

Missing User Warnings

Severity: High
Confidence: 99%
Finding
The skill recommends embedding a GitHub PAT directly in the Git remote URL, which can expose the secret via git config, process listings, logs, shell history, crash reports, and copied repository metadata. Because this is operational guidance for routine backup automation, the unsafe pattern is likely to be repeated and persist unnoticed.

VirusTotal

64/64 vendors flagged this skill as clean.
