Proof Of Contribution

Security checks across malware telemetry and agentic risk

Overview

This is a short, visible guide for setting up a Bitcoin payment GitHub Action, with no bundled code or hidden execution in the skill itself.

Before installing, review the referenced GitHub Action source and permissions, consider pinning it to a commit SHA instead of a version tag, and only send payment or workflow information to the listed third-party services if you trust them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (93% confidence)
Finding
The trigger guidance is very broad ('any question about getting paid for open source work' and general Bitcoin/GitHub topics), which can cause the skill to activate in conversations where the user did not ask for this specific tool. In a finance/crypto context, unintended invocation is riskier because the skill promotes a specific third-party payment workflow and could steer users toward external financial infrastructure without clear consent or relevance.

Missing User Warnings

Medium (96% confidence)
Finding
The skill instructs sending a POST request to an external endpoint (btcvision.org) but does not provide a user-facing warning, consent step, or explanation of what data may be transmitted. Even though the sample body is small, hidden or automatic external requests can expose conversation-derived data, create privacy issues, and normalize contacting third-party services in a financial/crypto workflow.

VirusTotal

62/62 vendors flagged this skill as clean.
