GitHub Contributor
Security checks across malware telemetry and agentic risk
Overview
This is a conservative instruction-only skill that tells the agent to follow repository contribution rules before posting or opening GitHub items.
Install this if you want the agent to be careful and policy-compliant when contributing to repositories. Expect it to read contribution documents and templates, search for duplicates, slow down repeated outward actions, and refuse to proceed when repository rules or required checks cannot be satisfied.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.