Intercom

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Intercom connector skill that discloses its read and write actions and requires confirmation before changing Intercom data.

Install this only if you intend to let an agent use your connected Intercom workspace through OOMOL. Read/list/search actions can expose customer, admin, and conversation data, and write actions can create contacts, update records, reply to users, or close/reopen conversations, so keep the confirmation requirement enabled for any state-changing request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The manifest description says to use this skill for ANY Intercom request and instead of calling the API directly, which is an overly broad routing trigger. That increases the chance the agent invokes this skill in unintended contexts and hands Intercom-related data or actions to a connector path without sufficient task-specific validation, especially for state-changing operations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal