Rail CLI
Security checks across malware telemetry and agentic risk
Overview
The inspected skills are coherent maintainer and Convex-development helpers, with powerful actions disclosed and generally gated by user intent.
Before installing, be aware this skill set is meant for trusted maintainers and developers. Only use the moderation, migration, deploy, proof-publishing, and autoreview helper commands in repositories and accounts where you are comfortable granting that level of authority; consider opting out of the autoreview helper's full-access nested Codex mode when tighter containment is needed.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.