EODHD APIs

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed read-oriented connector for EODHD financial data through OOMOL, with no artifact evidence of hidden persistence, destructive actions, or data exfiltration.

Install this if you want your agent to access EODHD data through OOMOL. Be aware it uses your connected EODHD/OOMOL account, can retrieve account and API-usage details, and may consume paid API credits; install the oo CLI only from a source you trust.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger language is excessively broad: 'Use this skill for ANY EODHD APIs request' and 'Whenever a task involves EODHD APIs, use this skill instead of calling the API directly.' Overbroad routing can cause the agent to invoke this skill in unintended contexts, increasing the chance of unnecessary external calls, data exposure through the connector, or bypass of more context-appropriate safeguards.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal