Back to skill

Security audit

Rosette Text Analytics

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed connector for Rosette text analysis, with no hidden code or evidence of unrelated access.

Install only if you are comfortable sending selected text to Rosette Text Analytics through OOMOL. Review the oo CLI installer source before running first-time setup, and only connect your Rosette account when you intend to use this service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is described as only for 'searching and reading data,' but it instructs the agent to perform authentication and service-connection setup steps when commands fail. That expands the effective behavior beyond passive data access into account and environment modification, which can cause unintended user-sign-in flows or connector activation under an overly trusting agent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger language says to use this skill for ANY Rosette Text Analytics request and instead of calling the API directly, which is overly broad. Broad routing rules can cause the agent to invoke the skill in situations the user did not intend, increasing the chance of unnecessary external data transmission or execution of setup/auth flows tied to the skill.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.