Back to skill

Security audit

IT Glue

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed IT Glue connector helper that mainly lists and retrieves IT Glue data through OOMOL, with some broad wording users should understand before use.

Install only if you want your agent to access IT Glue through OOMOL. Treat it as able to read IT Glue business data available to your connected account, and require explicit review before allowing any unlisted or state-changing IT Glue action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence
96% confidence
Finding
The manifest and description say the skill is for searching and reading IT Glue data, but the body explicitly discusses handling state-changing actions and provides generic execution guidance that can run any connector action. That mismatch can mislead an agent or reviewer into treating the skill as read-only when it may be used to perform writes, creating a privilege/safety boundary failure.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The instructions tell the agent to run arbitrary action names via `oo connector schema` and `oo connector run`, while the safety section relies on listed tags to distinguish safe versus unsafe operations. If additional unlisted actions exist in the connector, the agent could invoke write or destructive operations that are not tagged in this document, bypassing the intended safety model.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger condition says to use this skill for ANY IT Glue request and instead of calling the API directly, which is broader than necessary. Overly broad routing increases the chance the skill is invoked in contexts it was not tightly designed for, including operations or edge cases with weaker safeguards than direct, purpose-built handling.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.