Back to skill

Security audit

Fellow

Security checks across malware telemetry and agentic risk

Overview

This Fellow connector skill is coherent and disclosed, with sensitive read/write access limited to Fellow operations and write actions requiring confirmation.

Install only if you intend to let the agent access your connected Fellow workspace through OOMOL. Treat meeting notes and action items as potentially sensitive, and review the exact payload before approving any action-item archive or completion change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The instruction to use this skill for "ANY Fellow request" creates an overly broad trigger scope that can cause the agent to invoke the skill whenever Fellow is merely mentioned, rather than only when the user explicitly intends Fellow operations. In this skill, that matters because the tool supports both read and write actions, so accidental invocation could expose data or initiate state-changing flows without clear user intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.