Back to skill

Security audit

GitHub

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed GitHub connector skill with powerful but purpose-aligned actions and explicit confirmation rules for write or destructive operations.

Install only if you are comfortable letting the OOMOL connector operate on GitHub data available to your connected account. Pay special attention to prompts involving writes, file changes, branch operations, workflow reruns, or repository deletion, and confirm the exact repository, target, and payload before approving them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger text instructs the agent to use this skill for ANY GitHub request, including reading, creating, updating, and deleting data. That broad routing can cause the skill to be invoked for casual GitHub mentions or low-risk informational tasks, unnecessarily exposing a powerful connector with write and destructive capabilities and increasing the chance of unintended state-changing operations.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.