Back to skill

Security audit

Kintone

Security checks across malware telemetry and agentic risk

Overview

This Kintone skill is a disclosed read-oriented OOMOL connector wrapper, with one overly broad trigger line that users should treat as a scope caution rather than evidence of malicious behavior.

Install only if you are comfortable using OOMOL's oo CLI with your Kintone account. Treat it as a read/search helper for users, groups, departments, and services, and do not let an agent use it for unrelated Kintone administration unless the action schema and user intent are checked first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger text is overly broad: 'Use this skill for ANY Kintone request' and 'Whenever a task involves Kintone, use this skill instead of calling the API directly' can cause the agent to route all Kintone-related tasks through this skill without checking whether the request is appropriate, least-privileged, or even within the skill’s actual read-only capabilities. That increases the chance of unintended invocation, unnecessary exposure of enterprise data through connector reads, and bypass of more precise tool-selection logic.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.