WorkIQ

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Microsoft 365 search helper that runs Microsoft Work IQ queries. It carries privacy risk that users should manage, but no hidden code or destructive behavior was found.

Install this only if you want your agent to query Microsoft 365 content available to the signed-in account. Use narrow prompts, avoid broad searches over legal, HR, medical, financial, or confidential project data unless intended, and verify the WorkIQ CLI/package and tenant before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 88% confidence
Finding
The skill recommends invocation for very broad categories like emails, meetings, documents, Teams messages, and people without defining boundaries, sensitivity checks, or exclusions. In an agent setting, this can cause over-invocation on ambiguous prompts and unintended retrieval of sensitive Microsoft 365 content, increasing privacy and data-minimization risk even if the underlying user already has access.

Missing User Warnings

Medium, 94% confidence
Finding
The skill does not clearly warn that user prompts may be sent to the WorkIQ CLI/service to query potentially sensitive Microsoft 365 data such as emails, messages, meetings, and documents. Without explicit disclosure, users may unknowingly authorize transmission and processing of sensitive enterprise content, creating consent, privacy, and compliance concerns.

VirusTotal

65/65 vendors flagged this skill as clean.
