Back to skill

Security audit

Dns Agent Skills

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill catalog for DomainHelp DNS utilities, with expected external API use and no local install, persistence, or hidden execution.

Install only if you are comfortable sending queried IP, resolver, domain, and URL information to DomainHelp. Avoid submitting confidential, internal, unreleased, or regulated infrastructure details unless your environment permits that external disclosure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The catalog advertises multiple skills that send user-supplied URLs, domains, and connection metadata such as public IP and recursive resolver information to an external service, but it provides no privacy notice, consent guidance, retention details, or warning about third-party data disclosure. In an agent setting, this can cause users or downstream systems to unknowingly transmit sensitive infrastructure, browsing, or investigation targets to DomainHelp, creating privacy, compliance, and operational security risks.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README advertises a public-IP lookup skill but does not warn that invoking it necessarily discloses the caller's IP address to a third-party service. In an agent context, users may not realize that simply using the skill reveals network-identifying information, which creates a privacy and consent risk even if the functionality is expected.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The DNS resolver detection skill description omits that using the check/result flow sends network-path and resolver-related metadata to an external service. In an agent workflow, this can expose infrastructure details or user network characteristics without clear disclosure, increasing privacy and reconnaissance risk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The catalog exposes a 'What Is My Public IP' skill that necessarily sends the user's network request to an external service and returns identifying network metadata, but it provides no user-facing privacy warning about that disclosure. This can mislead downstream agents or users into invoking the skill without understanding that their IP address and associated request metadata will be revealed to a third party.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The resolver-detection workflow analyzes recursive DNS resolver and request-path characteristics using external endpoints, but the catalog does not warn that DNS/network-path data will be transmitted and observed by DomainHelp. In security or enterprise environments, that metadata can reveal infrastructure details and create unintended information disclosure through agent automation.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The redirect-chain/link-expander skill will contact user-supplied external URLs to follow redirects, but the catalog omits any warning that queried targets will be disclosed to DomainHelp and that outbound requests may interact with third-party infrastructure. This creates privacy and operational risk, especially if agents submit internal, sensitive, or unreleased URLs that should not be exposed externally.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill documentation describes a workflow that creates a unique tokenized hostname and requires the user or browser to trigger an external DNS lookup, but it does not clearly warn that this action discloses resolver/network metadata to a third-party service and ties it to a correlation token. This is primarily a transparency and privacy issue: users and integrators may unknowingly cause outbound DNS traffic that can be logged and linked to their environment.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.