Supply-chain threat intelligence

Incident detail

critical · pypi · credential theft · osv

Malicious code in skillspector (PyPI)

skillspector

Risk score

92

AI summary

Indexed incident for skillspector (pypi).

Description

This package is a modified, unofficial version of the NVIDIA skillspector project (https://github.com/NVIDIA/skillspector). The modification is disguised as telemetry: the package's README describes it as opt-in, anonymous usage reporting of selected data, added by the redistributor. In fact the "telemetry" uses a default domain chosen to suggest (impersonate) NVIDIA's LiveKit project, and it exfiltrates the full command-line arguments on every CLI invocation.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-skillspector

Reasons (based on the campaign):

  • The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.

  • exfiltration-generic

  • dependency-confusion

  • clones-real-package

Technical details

Affected versions

  • =0.0.1
  • =0.0.2
  • =0.0.3
  • =0.0.4
  • =2.3.7
  • =2.3.8
  • =2.3.9
  • =2.3.10

Indicators

  • affected version =0.0.1 (confidence 75%)
  • affected version =0.0.2 (confidence 75%)
  • affected version =0.0.3 (confidence 75%)
  • affected version =0.0.4 (confidence 75%)
  • affected version =2.3.7 (confidence 75%)
  • affected version =2.3.8 (confidence 75%)
  • affected version =2.3.9 (confidence 75%)
  • affected version =2.3.10 (confidence 75%)

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents