Back to skill

Security audit

Fiber AI

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Fiber AI connector guide that uses OOMOL's CLI for disclosed, service-specific read operations.

Before installing, make sure you trust OOMOL and are comfortable using the oo CLI with your Fiber AI connection. Review any live action schema and confirm exact payloads before allowing write or destructive actions, even though this version only lists read-style operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill declares it should be used for "ANY Fiber AI request," which creates an overly broad activation boundary and encourages routing all Fiber-related tasks through this skill without checking whether the task is appropriate, necessary, or safe. Broad triggers increase the chance of unintended invocation, over-collection of data, and bypass of more task-specific review or user-confirmation logic.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.