Back to skill

Security audit

KnowBe4

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed KnowBe4 connector helper for reading account, group, and user data through OOMOL.

Install only if you intend to let Codex query KnowBe4 through your OOMOL-connected account. Review the oo CLI setup path and confirm any future action tagged write or destructive before allowing it to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The manifest and description say this skill is for 'searching and reading data,' but the body explicitly authorizes state-changing actions via [write] and [destructive] paths. That mismatch can mislead an orchestrating agent or reviewer into granting or invoking the skill under read-only assumptions, creating a capability-confusion risk that could enable unintended modifications if additional write actions are later exposed.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger text says to use this skill for 'ANY KnowBe4 request' and 'instead of calling the API directly,' which is overly broad and can cause the agent to route all KnowBe4-related tasks through a Bash-capable skill without considering least privilege or safer alternatives. Broad invocation criteria increase the chance of unnecessary tool use, accidental exposure to shell-based execution paths, and misuse in contexts that only need a narrower, audited operation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.