Back to skill

Security audit

Demodesk

Security checks across malware telemetry and agentic risk

Overview

This Demodesk skill is a disclosed read-oriented connector, but users should understand it can access sensitive meeting and account data through OOMOL.

Install this only if you are comfortable letting the agent query Demodesk data available to your connected OOMOL account, including recordings and transcripts. Keep requests specific, and do not approve any unexpected write or destructive Demodesk action unless the exact payload and effect are clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The description says to use this skill for ANY Demodesk request and instead of calling the API directly, which is an overly broad trigger that can cause the agent to invoke this skill for unrelated or higher-risk Demodesk tasks without sufficient task scoping. In this file the available actions are read-only, which lowers the severity, but unintended activation can still expose sensitive CRM/meeting data or bypass more appropriate task-specific safeguards.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.