Back to skill

Security audit

Ghost

Security checks across malware telemetry and agentic risk

Overview

This appears to be a straightforward Ghost connector skill, with a caution that its optional CLI installation guidance uses risky pipe-to-shell commands.

Install only if you want Codex to use OOMOL’s oo CLI with your connected Ghost site. Review the oo CLI installation method before running the provided installer commands, and require explicit confirmation before any action that would change or delete Ghost content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger scope is overly broad: 'ANY Ghost request' and 'Whenever a task involves Ghost' can cause the agent to invoke this skill for loosely related mentions, even when the user did not intend external tool use. In an agent setting, broad routing language increases the risk of unnecessary data access or execution against a connected Ghost account.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs piping remote scripts directly into `bash`/PowerShell, which is a well-known unsafe installation pattern because it executes unreviewed code from the network immediately on the user's system. In this skill context, those commands are presented as troubleshooting steps, so an agent could relay or run them during failure handling, increasing the chance of host compromise or unsafe system modification.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.