Back to skill

Security audit

Gorm Expert

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent GORM helper, but it needs review because some best-practice examples could lead to exposed debug endpoints or query-isolation mistakes if copied into production.

Review the observability and session guidance before installing or relying on it. If used, treat generated scripts as local developer tools, run scaffold writes only with explicit paths, and do not expose pprof except on localhost or behind strong admin-only controls. For multi-tenant or concurrent GORM code, verify session cloning behavior against your GORM version and tests before adopting the examples.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Low
Confidence
94% confidence
Finding
The guide suggests enabling net/http/pprof and starting an HTTP server on :6060 without any warning about restricting access. Exposed profiling endpoints can leak sensitive runtime details, request patterns, goroutine stacks, memory contents, and internal topology, which can materially aid attackers during reconnaissance or incident escalation.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The document states that `Session{}` provides isolation for `Count` and `Find`, but the shown code uses an empty session rather than `NewDB:true`, which does not match the earlier explanation that independent state requires a new DB/session context. In a best-practices skill, this inconsistency can cause developers to rely on unsafe query reuse and accidentally carry state between operations, leading to incorrect query behavior or weakened tenant/filter isolation.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The guidance warns that `*gorm.DB` is not goroutine-safe, but then recommends sharing `baseDB` across goroutines and invoking `Session(NewDB:true)` at call time. If that assumption is wrong or timing-sensitive, readers may introduce concurrent access to mutable query state, causing data races, query corruption, cross-request leakage, or broken tenant scoping in production systems.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The document explicitly recommends exposing pprof over HTTP but omits any access restriction, authentication, or environment scoping guidance. In production, unauthenticated pprof endpoints can expose sensitive operational data and significantly reduce the effort required for attackers to map internals or harvest debugging information.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.