PagerDuty Agent

Security checks across malware telemetry and agentic risk

Overview

This skill matches its PagerDuty management purpose, but it has an under-disclosed setting that can send the PagerDuty API token to any configured HTTP or HTTPS endpoint.

Install only if you want an agent to read and change PagerDuty data. Use a least-privileged PagerDuty API key, keep PAGERDUTY_BASE_URL unset unless you fully trust the endpoint, avoid any http:// endpoint, and require explicit confirmation for PagerDuty write operations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 91% confidence
Finding: The skill sends the PagerDuty API token and optional account-identifying From header to a fully configurable BASE_URL, and it allows plain HTTP as well as HTTPS. An attacker who can influence environment variables can redirect requests to an arbitrary host and capture credentials or sensitive PagerDuty data, making this a real SSRF/credential-exfiltration risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal