Edgedb

Security checks across malware telemetry and agentic risk

Overview

This appears to be a database helper, but it can run migrations, queries, and proxy requests without clear safety guardrails, so it needs review before installation.

Install only if you intend to let an agent administer an EdgeDB-backed system. Use least-privilege credentials, avoid production connections by default, require explicit approval for writes, migrations, and proxy requests, and prefer dry runs or previews before any durable database change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 81%
Finding
The skill description is broad enough to match generic database or data-management requests, which can cause the agent to invoke this skill in situations the user did not specifically intend. Because the skill exposes query execution, migrations, and proxy capabilities, an over-broad trigger increases the chance of unintended access or modification of EdgeDB-backed systems.

Missing User Warnings

Medium
Confidence: 89%
Finding
The documentation advertises schema migrations, query execution, and direct proxy requests without prominent safeguards distinguishing read-only from write/destructive actions. In an agent setting, this can lead to silent execution of data-modifying operations, schema changes, or arbitrary API calls against a live database when the user may have expected inspection only.

VirusTotal

64/64 vendors flagged this skill as clean.
