Kansodata MongoDB Companion
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only MongoDB helper that consistently limits itself to read-only analysis and does not install code or request credentials.
Before installing, confirm the separate mongodb plugin is configured with read-only MongoDB permissions. The skill tells the agent to stay read-only and fail closed, but it cannot technically prevent writes if another plugin or credential is misconfigured.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.