Tandoor Recipe

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Tandoor Recipe Manager helper that uses a configured API token to manage recipes, meal plans, and shopping lists.

Install only if you want an agent to manage your Tandoor data. Use the least-privileged token Tandoor supports, verify TANDOOR_URL points to your own instance, do not paste or log the token, and require confirmation before creating recipes, scheduling meals, checking off items, or deleting shopping-list entries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 82%
Finding
The documentation instructs use of a long-lived API token and names the exact environment variable carrying it, but provides no guidance on secure handling, redaction, or avoiding disclosure in logs and outputs. In a tool-using agent context, this increases the risk of credential leakage through debugging, error messages, transcripts, or unsafe operator practices.

Missing User Warnings

Medium
Confidence: 76%
Finding
The documented workflow normalizes deletion of shopping-list items without any warning, confirmation, or distinction between reversible and irreversible actions. In an autonomous or semi-autonomous agent setting, this can lead to unintended data loss if the wrong item IDs are selected or if a user did not explicitly authorize removals.

VirusTotal

64/64 vendors flagged this skill as clean.
