Security audit

Domainion Ops

Security checks across malware telemetry and agentic risk

Overview

This skill transparently helps with registrar and DNS administration, but it can affect real domains and billing if used with live credentials.

Install this only if you want an agent to assist with real domain and DNS administration. Use sandbox accounts where possible, protect registrar API keys, and require an explicit review before purchases, renewals, transfers, auth-code retrieval, nameserver changes, DNSSEC changes, full-zone replacements, forwarding changes, or record deletions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence: 96%
Finding
This section documents billable and account-changing operations such as domain purchase, renewal, and account updates without consistently requiring explicit user confirmation or clearly warning about irreversible cost and service effects. In an agent skill context, such examples can normalize unsafe automation patterns that could trigger unintended purchases, renewals, or configuration changes against a live registrar account.

Missing User Warnings

Medium
Confidence: 98%
Finding
The delete-records example performs a destructive DNS action without an adjacent warning, preview, or recommendation to verify the existing record set first. In a domain-operations skill, deleting TXT records can break email authentication, domain verification, or other production services, making omission of safety guidance materially risky.

Missing User Warnings

Medium
Confidence: 95%
Finding
The document instructs use of a long-lived API token via HTTP Basic auth but provides no guidance on secure storage, redaction, or avoiding exposure in logs, shell history, and transcripts. In an agent setting, this raises the chance that credentials are mishandled or leaked during execution or debugging.

Missing User Warnings

Medium
Confidence: 94%
Finding
The file documents account-affecting and destructive operations including registration, renewal, nameserver changes, record deletion, forwarding changes, domain unlock, and auth-code retrieval without requiring warnings or confirmation steps. In an autonomous or semi-autonomous agent context, these actions could cause domain hijack exposure, outage, billing impact, or irreversible configuration changes if triggered mistakenly or maliciously.

VirusTotal

66/66 vendors flagged this skill as clean.
