TextCortex

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed TextCortex connector that uses OOMOL's oo CLI and does not show hidden, destructive, or unrelated behavior.

Install only if you intend to use TextCortex through OOMOL. Review the payload before any chat-completion action, and only connect the TextCortex API key/account you are comfortable allowing OOMOL to use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The skill description says to use this skill for ANY TextCortex request, which is broad enough to trigger the skill for simple mentions or loosely related tasks. In an agentic system, this can cause unintended invocation and unnecessary access to connected credentials or side-effecting actions when a narrower routing rule would have avoided tool use.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal