Skylv Github Actions Helper

Security checks across malware telemetry and agentic risk

Overview

This is a simple markdown-only GitHub Actions workflow helper with no executable code or hidden install behavior.

Installation is low risk, but review any generated workflow before committing it. Pay particular attention to action versions, repository permissions, deployment steps, and any secret references, because applying a CI workflow can change how your repository builds, tests, or deploys.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger configuration is broad enough to match common CI/CD-related requests, which can cause the skill to activate in situations where a more specific or safer skill should handle the request. This is not directly exploitable as code execution, but it can lead to inappropriate routing, over-application of workflow generation, and reduced user intent fidelity.

Vague Triggers

Medium
Confidence: 91%
Finding
The 'When to Use' guidance uses loose natural-language conditions like 'set up CI' and 'deploy with github actions,' which leaves room for inconsistent or unintended activation. In practice, this can cause the skill to be selected for vague build/deployment requests without confirming platform, repository context, or whether the user actually wants GitHub Actions.

VirusTotal

64/64 vendors flagged this skill as clean.
