Back to skill

Security audit

Ordinal

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Ordinal connector that uses OOMOL's oo CLI, with a disclosed but higher-risk first-time installer step users should review.

Install only if you are comfortable using OOMOL's oo CLI with your Ordinal workspace. Before running the first-time installer commands, review OOMOL's official installation guidance and understand that pipe-to-shell installers execute code on your machine. For normal use, expect the skill to run oo connector commands against Ordinal and to ask before any action marked as write or destructive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs execution of remote install scripts via `curl ... | bash` and PowerShell `iex`, which are high-risk patterns because they run network-fetched code directly on the host without integrity verification. Even though framed as first-time setup, this can lead to arbitrary code execution if the remote source, transport, or distribution path is compromised, and the skill does not prominently warn about the system-level impact.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.