Goody

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Goody connector helper that mainly runs OOMOL `oo` CLI actions, with some setup guidance users should review before use.

Install only if you trust OOMOL and are comfortable connecting a Goody account through their `oo` CLI. Before running the listed installer one-liners, review the install script or use an official verified installation method, and be aware the skill can read sensitive Goody account information such as orders and payment methods.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence: 89%
Finding
The skill documentation mislabels `get_order` as a `[write]` action even though its name and surrounding context indicate it is a read operation. Incorrect state-change labeling can cause agents or users to apply the wrong confirmation policy, creating unsafe automation behavior and reducing trust in the action catalog.

Vague Triggers

Medium
Confidence: 84%
Finding
The instruction to use this skill for 'ANY Goody request' is overly broad and can cause the agent to invoke the connector whenever Goody is merely mentioned, even when direct API use or no action would be more appropriate. Over-broad trigger wording increases the chance of unintended access to connected account data or unnecessary execution of external tooling.

Missing User Warnings

Medium
Confidence: 94%
Finding
The macOS/Linux setup instruction downloads and executes a remote shell script directly via a pipe to `bash`, which prevents meaningful inspection before execution. If the remote host, distribution path, or network path is compromised, this can lead to arbitrary code execution on the user's machine.

Missing User Warnings

Medium
Confidence: 94%
Finding
The Windows setup step uses `irm ... | iex`, which fetches remote PowerShell content and executes it immediately in memory. This creates the same arbitrary-code-execution risk as shell piping and gives users no opportunity to verify integrity or review the script contents first.

VirusTotal

64/64 vendors flagged this skill as clean.
