Back to skill

Security audit

PagerDuty

Security checks across malware telemetry and agentic risk

Overview

This PagerDuty skill is purpose-aligned but needs review because it can change incident state and does not consistently require confirmation for those actions.

Install only if you trust OOMOL and want PagerDuty operations routed through the oo CLI. Before use, treat acknowledge_incident, resolve_incident, and update_incident as write actions that require explicit user confirmation of the exact incident and payload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrase instructs the agent to use this skill for ANY PagerDuty request, which is broader than necessary and can cause the skill to intercept a wide range of PagerDuty-related tasks without sufficient specificity. In this skill, that broad routing is especially risky because the skill includes state-changing actions such as incident updates and resolution, increasing the chance of unintended invocation or overreach.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.