Google BigQuery

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward BigQuery integration that needs a Maton API key and OAuth connection, with sensitive but expected access to query and manage BigQuery resources.

Install only if you trust Maton to broker OAuth access to your BigQuery account. Use least-privilege Google permissions, verify the intended project, dataset, table, and connection ID before requests, avoid broad SELECT * queries on sensitive data, and require explicit review for any operation that creates, updates, deletes, writes query results, or may incur costs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill prominently enables querying and listing BigQuery resources but does not clearly warn that read operations can disclose sensitive table contents, schema details, project metadata, and job history. In a data warehouse context, even 'read-only' access can expose highly sensitive business or personal data, so the omission increases the risk of unsafe use.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal