Security audit

BALLDONTLIE World Cup

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OOMOL connector skill for reading BALLDONTLIE World Cup data, with no evidence of hidden, destructive, or unrelated behavior.

Install this only if you are comfortable using OOMOL and the oo CLI to access BALLDONTLIE World Cup data through a connected account or API key. Treat the CLI install, login, billing, and provider-connection steps as normal integration setup, and run them only when needed. For best control, use the skill for explicit BALLDONTLIE World Cup data lookups rather than general World Cup discussion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger text is unusually broad: 'Use this skill for ANY BALLDONTLIE World Cup request' and 'Whenever a task involves BALLDONTLIE World Cup, use this skill instead of calling the API directly.' This can cause the agent to invoke the skill for loosely related requests without sufficiently checking whether the task actually requires this connector, increasing the chance of unnecessary tool use, schema probing, or external data access when a simpler or safer response would suffice.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal