Aviationstack

Security checks across malware telemetry and agentic risk

Overview

This skill is a read-only Aviationstack connector guide that uses the OOMOL CLI and does not show hidden, destructive, or exfiltrating behavior.

Install only if you intend to use OOMOL as the intermediary for Aviationstack queries. Review the OOMOL CLI installation step before running it, and keep the connected Aviationstack API key limited to the read/query access you need.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger text is overly broad and instructs use of this skill for "ANY Aviationstack request" and whenever a task merely "involves Aviationstack." That can cause unintended routing to this skill in contexts where direct API use, a different tool, or additional user confirmation would be more appropriate, increasing the chance of accidental command execution or misuse.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal