Back to skill

Security audit

codebase-to-course-cn

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a legitimate codebase-to-course generator, with expected file creation and a small local build step that are disclosed and aligned with its purpose.

Install if you want an agent to read a codebase and generate a local HTML course. Use it on repositories you trust or in a disposable workspace, check the derived output directory before generation, and review generated HTML before sharing or opening it for sensitive codebases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
技能目标本质是分析代码库并生成课程内容,但却进一步要求执行 `bash build.sh` 并在浏览器中打开结果,这引入了不必要的命令执行和本地应用启动面。若参考文件或生成内容被污染,构建脚本可能执行任意 shell 操作,浏览器打开本地生成页面也可能触发主动内容执行或隐私暴露。

Missing User Warnings

Medium
Confidence
95% confidence
Finding
文档要求在用户提供 GitHub 链接时执行 `git clone`,并在后续写入课程目录、运行 `bash build.sh`,但没有要求在这些副作用操作前进行明确告知和确认。用户可能只期望获得分析结果,却在不知情下触发本地文件修改、远程内容拉取和 shell 执行,造成工作区污染、脚本风险或供应链暴露。

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.