IPinfo

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed IPinfo connector skill that uses OOMOL's `oo` CLI for expected IP lookup, account metadata, and mapping actions.

Install only if you intend to use IPinfo through an OOMOL-connected account. Be careful with actions that use the caller's current IP, retrieve token/account metadata, or upload large IP lists for mapping, and confirm the exact data before running those actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The directive to use this skill for ANY IPinfo request is overly broad and can cause an agent to invoke the skill without sufficient task scoping, user consent, or consideration of safer alternatives. In this context, that matters because some actions expose the caller's own IP, location, token metadata, or perform uploads, so broad auto-selection increases the chance of privacy-impacting or unnecessary external calls.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill advertises actions that retrieve the caller's current public IP, coordinates, and region without an explicit privacy warning or consent requirement. That omission can lead an agent to disclose or process sensitive location-linked metadata about the user or runtime environment when the user did not clearly intend to reveal it.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal