Back to skill

Security audit

RustChain Bounty Hunter-v2-1

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent, but it asks an agent to modify code and push to a user fork without clear approval gates or scope limits.

Install only if you want this skill to make code changes and prepare GitHub PR work on your behalf. Before using it, require the agent to show the planned files, branch, fork, commit contents, and push destination, and do not allow commits or pushes without an explicit approval step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill can be invoked by a very broad request such as asking which bounty to do next, without clear trigger phrases, boundaries, or confirmation gates. In a coding agent context, ambiguous activation increases the chance the agent will autonomously begin repository work and related actions the user did not explicitly authorize, especially when combined with claims that it will handle coding, testing, and PR preparation.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly advertises pushing code to the user's fork and preparing a pull request, but it does not warn about repository modification, remote actions, credential use, or the need for explicit approval. This is dangerous because it normalizes high-impact external actions that can change codebases and publish artifacts to remote repositories without informed consent, creating risk of unwanted commits, data exposure, or supply-chain impact.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.