连接器 OAuth 修复技能

Security checks across malware telemetry and agentic risk

Overview

This is a focused troubleshooting guide for fixing WorkBuddy OAuth browser-launch failures, with a disclosed current-user Windows registry repair step that users should apply carefully.

Install only if you need to troubleshoot this specific WorkBuddy connector OAuth issue on Windows. Before running the registry repair, verify the failing ProgId and replacement browser path, prefer changing the default browser through Windows settings when practical, and back up or note the existing registry value so the override can be removed or restored.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill instructs the agent/user to modify per-user registry associations for browser launch behavior, but it does not clearly warn that this changes how URLs are opened for the affected ProgId and may redirect future launches to a different browser. Even though the change is under HKCU and framed as a repair, registry edits can have persistent side effects, break expected browser behavior, or be misapplied if the detected ProgId is wrong.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal