Back to skill

Security audit

tool-call-retry

Security checks across malware telemetry and agentic risk

Overview

This is a transparent retry wrapper for tool calls, but users should avoid applying it blindly to actions that spend money, modify data, send messages, or delete content.

Use this skill primarily for read-only or safely repeatable operations. For writes, purchases, emails, account changes, database updates, or deletions, require explicit user approval, idempotency keys or deduplication, least-privilege credentials, and human review of any LLM-generated repair before execution. Avoid caching sensitive results unless the runtime boundary is trusted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README promotes automatic retries, error self-healing, and idempotency as broadly safe for external tool calls, but it does not clearly warn that retries can repeat non-idempotent actions such as purchases, writes, emails, or state-changing API calls. In an agent setting, this omission can lead users to apply the wrapper to unsafe operations and unintentionally trigger duplicate side effects or inconsistent state.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The examples show retrying network/API and database operations, including LLM-based automatic SQL repair, without warning about privacy, integrity, or data exfiltration risks. Sending error messages, SQL fragments, prompts, or tool outputs to an LLM or third-party API for automatic correction can expose sensitive data and may produce modified commands that change behavior in unsafe ways.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill advertises applicability to essentially any external API/tool call and high-reliability agent workflow, which can cause an orchestrator or user to invoke it far more broadly than intended. Overly broad scoping increases the chance it wraps sensitive, non-idempotent, or side-effecting operations where automatic retries and parameter repair may be unsafe.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.