ima

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ima connector wrapper that reads and updates ima data through the OOMOL CLI with user confirmation for state changes.

Install only if you intend to let your agent access your connected ima account through OOMOL. Review proposed payloads before approving note creation, appends, URL imports, or adding notes to knowledge bases, and only run the oo CLI setup steps if you trust OOMOL and need this integration.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The description says to use this skill for ANY ima request and instead of calling the API directly, which can cause over-broad routing and invocation in situations where a narrower or safer path would be preferable. In agent systems, broad activation language increases the chance of unintended tool use on sensitive read/write tasks, especially because this skill includes state-changing actions such as create, append, import, and add-to-knowledge-base.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal