ngrok

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, read-only ngrok connector that uses OOMOL credentials and shows no hidden or destructive behavior.

Install only if you want an agent to read ngrok account resources through your OOMOL-connected account. Confirm ambiguous ngrok mentions before running connector actions, and review any future action list if mutation actions are added.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger text says to use this skill for ANY ngrok request and whenever a task involves ngrok, which is broad enough to hijack unrelated conversations that merely mention ngrok. Over-broad invocation increases the chance the agent routes requests into this skill without sufficient user intent verification, potentially exposing account data or causing unintended tool use.

VirusTotal

50/50 vendors flagged this skill as clean.

View on VirusTotal