work-fllows

Security checks across malware telemetry and agentic risk

Overview

This NocoBase workflow skill is instruction-only and purpose-aligned, but it grants persistent and destructive workflow administration powers without enough confirmation or scoping guidance.

Install only if you intend to let the agent administer NocoBase workflows. Use least-privilege NocoBase access, prefer staging first, and require the agent to show the target collection, trigger, SQL, webhook destinations, workflow ID/title, and any enable or delete action for explicit approval before it runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (90% confidence)
Finding
The trigger list contains very generic activation terms such as 'workflow', 'automation', and 'trigger', which can match ordinary user conversation and cause the skill to activate unintentionally. Because this skill exposes workflow-creation and deletion capabilities, accidental activation increases the chance the agent will perform sensitive administrative actions in the wrong context.

Missing User Warnings

Medium (94% confidence)
Finding
The skill advertises destructive tools like nb_delete_workflow and nb_delete_workflows_by_prefix without any warning, guardrails, or explicit confirmation requirements. In a workflow-administration context, this is dangerous because an accidentally triggered or poorly instructed agent could delete large sets of workflows, causing configuration loss and service disruption.

VirusTotal

64/64 vendors flagged this skill as clean.
