Back to skill

Security audit

Glyphic

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Glyphic read-integration that uses the OOMOL oo CLI and does not contain hidden code or automatic destructive behavior.

Install this only if you want your agent to read Glyphic data through an OOMOL-connected account. Review the OOMOL connection and Glyphic scopes, and require explicit confirmation before allowing any future write or destructive Glyphic action not listed in this version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The manifest describes the skill as limited to searching and reading, but the body explicitly says to use it for any Glyphic action and discusses write/destructive operations. This mismatch can mislead users and orchestration logic into invoking a capability set broader than advertised, increasing the chance of unintended state-changing operations under a read-only trust assumption.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The in-file guidance contradicts the read-oriented manifest by stating that any Glyphic action may be run and by providing operational rules for write and destructive actions. In an agent setting, this kind of scope drift is dangerous because downstream systems or users may rely on the manifest for safety classification while the instructions silently expand privileges and behavior.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The instruction to use this skill for ANY Glyphic request is overly broad and can cause the skill to be activated on incidental mentions of Glyphic rather than clear user intent. Because the skill can reach connected account data and, per the documentation, may encompass state-changing actions, overbroad routing increases the risk of unnecessary data access or accidental execution in the wrong context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.