Oracle OKE Hardening

Security checks across malware telemetry and agentic risk

Overview

This skill is a documented external API for generating Oracle OKE hardening configurations, with no local execution or persistence behavior in the artifacts.

Reasonable to install if you are comfortable using the external ToolWeb/api.mkkpro.com service. Avoid sending kubeconfigs, secrets, production identifiers, or detailed private cluster topology unless you trust the provider's data handling practices.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 72% confidence
Finding: The request schema includes sessionId, userId, and timestamp fields, which are potentially sensitive metadata, but the spec provides no privacy notice, minimization guidance, or handling constraints. In an agent-integrated context, this can lead to unnecessary transmission and retention of user-linked identifiers, increasing privacy and compliance risk if the service logs, stores, or correlates requests.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal