Workable

Security checks across malware telemetry and agentic risk

Overview

This Workable skill is a disclosed OOMOL connector wrapper for reading Workable jobs and candidates, with no artifact-backed evidence of hidden or malicious behavior.

Install only if you are comfortable connecting Workable through OOMOL and allowing the agent to read candidate and job information. Keep use to the listed get/list actions unless you deliberately approve a clearly described state-changing Workable action.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

High

Confidence: 95% confidence
Finding: The manifest and description position this skill as suitable for searching and reading data, but the body explicitly allows state-changing actions if present. That mismatch can cause an agent or user to trust the skill as read-only and later invoke write-capable connector actions discovered via live schema inspection, creating a privilege and safety boundary violation.

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: The skill says untagged actions are safe reads, but it also instructs the agent to query the live connector schema and does not limit execution to the enumerated actions. If the connector later exposes additional actions, including mutating ones, an agent may execute them based on incomplete or stale in-skill safety guidance.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal