ClawHub

Yelp

Security checks across malware telemetry and agentic risk

Overview

This Yelp skill is a read-only OOMOL connector wrapper with a disclosed setup path, though users should be cautious about the optional remote CLI installer.

Install this only if you trust OOMOL and are comfortable connecting a Yelp API key through OOMOL. Avoid running the remote installer blindly; prefer verifying OOMOL's official installation instructions before installing the oo CLI.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Intent-Code Divergence

Low
Confidence
95% confidence
Finding
The documentation states that create, update, send, post, delete, or remove actions may exist and require confirmation, yet the Available actions section lists only three read-only Yelp operations. This does not match the actual exposed functionality in the file and may mislead an agent about capabilities the skill does not provide.

Vague Triggers

Medium
Confidence
97% confidence
Finding
This is a markdown file, so vague-trigger review applies. The description directs invocation for virtually any task involving Yelp, but does not define boundaries, exclusions, or negative examples, making activation broader than necessary and prone to unintended use.

External Script Fetching

High
Category
Supply Chain
Content
- **`oo: command not found`** — install the oo CLI (other platforms: <https://cli.oomol.com/install-guide.md>):

  ```bash
  curl -fsSL https://cli.oomol.com/install.sh | bash    # macOS / Linux
  ```

  ```powershell
Confidence
90% confidence
Finding
curl -fsSL https://cli.oomol.com/install.sh | bash

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal