ClawHub

Linux DO

Security checks across malware telemetry and agentic risk

Overview

This skill is a small, disclosed read-only Linux DO connector skill; its main risk is the one-time OOMOL CLI install command, not hidden behavior.

Install this if you want an agent to read public Linux DO forum data through OOMOL. Only run the CLI install command after deciding you trust OOMOL's installer, and be aware that OOMOL CLI sign-in may be required even though the Linux DO data actions themselves are public/read-only.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Intent-Code Divergence

Low
Confidence
91% confidence
Finding
L22 says "Linux DO needs no account connection," which communicates that no account linkage is required. However, L69-L73 instruct the user to run `oo auth login` and sign in to an OOMOL account when authentication fails, which is an active contradiction in the operational guidance.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The description says to use this skill for "ANY Linux DO request," which is a broad activation condition without constraints or negative examples. Although it names a domain, the invocation guidance is still ambiguous about scope and could cause unintended use whenever Linux DO is mentioned.

External Script Fetching

High
Category
Supply Chain
Content
- **`oo: command not found`** — install the oo CLI (other platforms: <https://cli.oomol.com/install-guide.md>):

  ```bash
  curl -fsSL https://cli.oomol.com/install.sh | bash    # macOS / Linux
  ```

  ```powershell
Confidence
90% confidence
Finding
curl -fsSL https://cli.oomol.com/install.sh | bash

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal