Back to skill

Security audit

Ringover

Security checks across malware telemetry and agentic risk

Overview

This Ringover skill appears useful, but its read/search framing conflicts with write-capable instructions and overly broad routing language, so it needs review before installation.

Install only if you are comfortable with the skill potentially performing Ringover write actions, not just searches or reads. Review the exact supported operations, use a least-privilege Ringover token where possible, and require explicit confirmation before account, contact, call, message, or other state-changing actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The manifest and description frame the skill as only for searching and reading Ringover data, but the body explicitly supports state-changing actions and tells the agent how to execute them. This mismatch can cause an orchestrator or reviewer to treat the skill as read-only when it may perform writes, undermining trust boundaries and approval workflows for mutating actions.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The instruction to use this skill for ANY Ringover request is overly broad and can force routing of all Ringover-related tasks through a single skill without clear scope limits. Broad trigger language increases the chance the agent invokes the skill in inappropriate contexts, including sensitive or state-changing workflows, especially when combined with the capability mismatch elsewhere in the file.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.