Valyu

Security checks across malware telemetry and agentic risk

Overview

This Valyu connector is mostly coherent, but its setup instructions tell an agent to run a downloaded installer script directly in the shell without verification or explicit user approval.

Review before installing. Use it only if you intend to connect Valyu through OOMOL and are comfortable with queries going through that connector and possibly using OOMOL credits. Do not let an agent auto-run the pipe-to-shell installer; install the `oo` CLI through a trusted, verified method and confirm any setup, sign-in, or connection steps yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The description says to use this skill for ANY Valyu request and instead of calling the API directly, which is an overly broad routing rule. This can cause the agent to invoke the skill in situations where a narrower, safer, or more context-appropriate path should be chosen, increasing the chance of unnecessary command execution and expanding the attack surface.

External Script Fetching

High
Category
Supply Chain
Content
- **`oo: command not found`** — install the oo CLI (other platforms: <https://cli.oomol.com/install-guide.md>):

  ```bash
  curl -fsSL https://cli.oomol.com/install.sh | bash    # macOS / Linux
  ```

  ```powershell
Confidence
98% confidence
Finding
curl -fsSL https://cli.oomol.com/install.sh | bash

VirusTotal

57/57 vendors flagged this skill as clean.
