Geokeo

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Geokeo geocoding connector with limited oo CLI use and no evidence of hidden or destructive behavior.

Before installing, confirm you are comfortable connecting a Geokeo API key through OOMOL and allowing the agent to run oo connector calls for geocoding. Treat the forward geocode write warning as a documentation issue to review, and ask for confirmation before any future Geokeo action that would actually create, update, send, post, delete, or remove data.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The documentation for a read-like geocoding lookup incorrectly states that it is a write action that changes Geokeo state. Misclassifying action side effects can cause an agent or operator to apply the wrong trust model, seek unnecessary confirmation, or worse, misunderstand whether other actions are safe to invoke, which weakens operational safety guarantees around tool use.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal