Security audit

CI Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed CI/CD helper with expected token and build-control examples, but users should treat its commands as real operational actions.

Install only if you want an agent to help inspect and operate CI systems. Use least-privilege or temporary CI tokens, avoid broad admin credentials, do not paste real tokens into shared chats or logs, and require explicit user confirmation before triggering builds, rerunning workflows, or retrying pipelines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium, 89% confidence

Finding: The skill includes state-changing operations such as triggering builds, rerunning jobs, and retrying pipelines without an explicit warning or confirmation requirement. In CI/CD environments, these actions can consume resources, redeploy code, or interfere with production-adjacent workflows if invoked casually or by a confused agent.

Missing User Warnings

Medium, 87% confidence

Finding: The skill instructs users to export and use Jenkins and GitLab tokens but does not warn about credential sensitivity, least privilege, shell history exposure, or avoiding log/output disclosure. In a CI-monitoring context, these credentials may grant broad visibility or control over pipelines, so poor handling can lead to unauthorized build actions or disclosure of internal systems.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.