Security audit

Holded

Security checks across malware telemetry and agentic risk

Overview

This Holded skill is a straightforward OOMOL connector wrapper with disclosed read and contact-creation actions, and it requires confirmation before writes.

Install this only if you intend to let Codex use your OOMOL-connected Holded account. Reads may access business contact and product data, and contact creation can change your Holded account, so review any proposed write payload before approving it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description is unusually broad: it directs the agent to use this skill for ANY Holded request, including reading, creating, and updating data. That can cause the skill to be selected in situations where a narrower or safer path would be more appropriate, increasing the chance of unintended write operations or over-privileged connector use if downstream guardrails are weak.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal