Content Publisher Pro

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a straightforward publishing tool that uses user-provided GitHub and Dev.to credentials to post selected Markdown articles, with no evidence of hidden or unrelated behavior.

Before installing, use least-privilege GitHub and Dev.to credentials, keep config.yaml private, run --dry-run first, and avoid publishing secrets, private drafts, internal material, or content you do not have rights to share.

SkillSpector (1)

By NVIDIA

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README encourages one-click publishing to GitHub Pages and Dev.to but does not warn that article contents, metadata, and possibly referenced assets will be transmitted to third-party services and may become publicly accessible immediately. In a publishing skill, omission of clear disclosure and confirmation requirements can lead users to unintentionally expose sensitive drafts, internal information, or copyrighted material.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal