Back to skill

Security audit

Pipeworx dns

Security checks across malware telemetry and agentic risk

Overview

This is a simple DNS lookup skill that sends requested domains or IPs to remote DNS services, with no evidence of persistence, credential access, or destructive behavior.

Install only if you are comfortable sending DNS queries to the Pipeworx gateway and Google DNS-over-HTTPS. Avoid querying confidential internal hostnames, private infrastructure indicators, or sensitive investigation targets unless that disclosure is acceptable; review the optional npx mcp-remote@latest setup if you prefer pinned dependencies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
95% confidence
Finding
The skill explicitly sends user-supplied DNS queries to external third-party infrastructure, but the description does not prominently warn users that queried domains and IPs will be transmitted to Google DNS-over-HTTPS and the Pipeworx gateway. This creates a privacy and operational-security risk because internal hostnames, investigation targets, or sensitive infrastructure indicators may be disclosed during use.

External Transmission

Medium
Category
Data Exfiltration
Content
openclaw:
    requires:
      bins:
        - curl
    emoji: "🔍"
    homepage: https://pipeworx.io/packs/dns
---
Confidence
90% confidence
Finding
curl emoji: "🔍" homepage: https://pipeworx.io/packs/dns --- # DNS Lookup Query DNS records for any domain using Google's DNS-over-HTTPS service. Supports all common record types (A, AAAA, MX

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.