Clank Blog Post

Security checks across malware telemetry and agentic risk

Overview

This skill is for blog publishing, but it can cause an agent to commit and publicly publish GitHub Pages content without a clear confirmation step.

Install only if you intend an agent to publish to the specified GitHub Pages repository. Before any push, confirm the remote, branch, GitHub identity, generated content, and diff; stage only the intended files; and treat the referenced clank-blog-post command as unreviewed unless you separately know what local binary it resolves to.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs the agent to clone a repository, edit files, commit, push, and verify deployment to a public GitHub Pages site without any explicit warning or confirmation step. In an agent context, this can cause unintended repository modification and public publication of content, especially if broad trigger phrases activate the skill for what the user intended as drafting help only.

VirusTotal

63/63 vendors flagged this skill as clean.
