Devops Automation Pack

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly inert DevOps documentation with high-impact example commands but no included automation that performs those actions.

Before installing, understand that this package appears incomplete and mainly documents DevOps workflows. Do not run similarly named deployment, monitoring, or backup scripts from another source unless you review them first, and never point DevOps automation at production infrastructure without confirming the target namespace, credentials, and rollback plan.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: This markdown file describes and demonstrates operations such as deployments, CI/CD setup, monitoring installation, database backups, and disaster recovery scripts, all of which can affect infrastructure, availability, or user data. The description provides no cautionary note, confirmation expectation, or warning about impacts on production systems.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal