Back to skill

Security audit

Gender-API.com

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Gender-API helper, with the main caution being optional first-time CLI installation commands that users should review before running.

Install this only if you are comfortable using OOMOL's oo CLI and sending Gender-API lookup inputs such as names or email addresses through the connected service. If the CLI is not installed, review the official installer before running the curl or PowerShell one-liner, since pipe-to-shell installers execute remote code on your machine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill presents itself as a read-oriented API helper, but it includes executable install commands that modify the local system by piping remote scripts into a shell or PowerShell. This expands the trust boundary from querying Gender-API to arbitrary local code execution during setup, which is materially riskier than the declared purpose suggests.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The skill instructs installation via remote shell/PowerShell scripts (`curl ... | bash`, `irm ... | iex`), a high-risk pattern because it executes code fetched at runtime with no integrity verification or review. If the install endpoint, transport, or upstream distribution is compromised, the host running the skill could be fully compromised.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.