Sol Build Session

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended for coding build sessions, but it gives an agent broad autonomy and normalizes committing and pushing code without a clear user approval step.

Review this skill before installing. Use it only in repositories where the agent is allowed to make changes, and require explicit approval before staging files, committing, or pushing to a remote. Check diffs for secrets and unrelated files before allowing any publish step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 90% confidence
Finding
The skill is framed as a general-purpose framework for autonomous work and its 'when to use' section is broad enough to activate in many ordinary unattended sessions. That increases the chance an agent will take initiative and perform substantive actions without a narrowly scoped user request, which can lead to unintended file changes, research actions, or other side effects.

Missing User Warnings

Medium, 97% confidence
Finding
The skill explicitly instructs the agent to run git add, commit, and push as part of normal workflow, but it does not require user confirmation or warn that this modifies local repository state and may publish changes to a remote. In an autonomous session, this can cause unintended commits, leak sensitive material, or push experimental or harmful code/documentation to shared infrastructure.

VirusTotal

64/64 vendors flagged this skill as clean.
