Back to skill

Security audit

Qlty

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed Qlty connector helper with read-only listed actions and no bundled executable code.

Install this if you are comfortable using OOMOL's oo CLI as the broker for Qlty access. Keep usage to the listed read-only Qlty actions unless you explicitly approve a future write or destructive action, and review the oo CLI installer/login step before running first-time setup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The manifest and description present the skill as being for 'searching and reading data,' but the body explicitly discusses handling [write] and [destructive] actions. This mismatch can mislead a calling agent or reviewer about the true capability boundary of the skill, increasing the chance that state-changing operations are exposed or invoked under a read-only trust assumption.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill’s stated purpose is read/search access to Qlty, yet it documents support for state-changing connector actions without a business need shown in the manifest. Even though the text says to confirm with the user before write or destructive actions, the unnecessary inclusion of such capability expands the attack surface and creates a path for misuse if another agent trusts the skill’s read-only framing.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.