Security audit

CI Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed CI/CD helper with expected token and build-control examples, but users should treat its commands as real operational actions.

Install only if you want an agent to help inspect and operate CI systems. Use least-privilege or temporary CI tokens, avoid broad admin credentials, do not paste real tokens into shared chats or logs, and require explicit user confirmation before triggering builds, rerunning workflows, or retrying pipelines.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill includes state-changing operations such as triggering builds, rerunning jobs, and retrying pipelines without an explicit warning or confirmation requirement. In CI/CD environments, these actions can consume resources, redeploy code, or interfere with production-adjacent workflows if invoked casually or by a confused agent.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill instructs users to export and use Jenkins and GitLab tokens but does not warn about credential sensitivity, least privilege, shell history exposure, or avoiding log/output disclosure. In a CI-monitoring context, these credentials may grant broad visibility or control over pipelines, so poor handling can lead to unauthorized build actions or disclosure of internal systems.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.