CoinMarketCal

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a CoinMarketCal helper, but it includes an unsafe remote install command that could execute unverified code on the user's machine.

Review the install instructions before using this skill. If the oo CLI is required, install it manually from a trusted source only after checking the vendor and script contents; do not allow an agent to run the curl-to-bash command automatically. The VirusTotal telemetry is clean, and there is no artifact-backed evidence of exfiltration or destruction, but the unverified installer warrants Review.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The instruction to use this skill for ANY CoinMarketCal request can override normal tool-selection safeguards and push the agent toward this skill even when another safer or more appropriate path exists. While not directly exploitable on its own, it increases the attack surface by encouraging broad invocation based on service name rather than least-privilege or task-specific need.

External Script Fetching

High

Category: Supply Chain
Content: - **`oo: command not found`** — install the oo CLI (other platforms: <https://cli.oomol.com/install-guide.md>): ```bash curl -fsSL https://cli.oomol.com/install.sh | bash # macOS / Linux ``` ```powershell
Confidence: 97% confidence
Finding: curl -fsSL https://cli.oomol.com/install.sh | bash

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal