Back to skill

Security audit

Stormboard

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a read-only Stormboard connector, with the main caveat that it relies on the user's connected OOMOL/Stormboard account and oo CLI setup.

Install only if you intend to let an agent read Stormboard data through your OOMOL-connected account. Keep use to the documented get/list actions, review any requested oo CLI installation or login step before allowing it, and require explicit confirmation before any future connector action that claims it will change or delete Stormboard data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence
95% confidence
Finding
The manifest and skill metadata describe this skill as limited to 'searching and reading data,' but the body explicitly states that write and destructive actions may exist and can be executed through the same connector flow. This mismatch can mislead an orchestrating agent into invoking a capability set broader than advertised, increasing the risk of unauthorized state changes if future actions are added or if the agent trusts the manifest over the body.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The safety section claims that state-changing actions are tagged with '[write]' or '[destructive],' but the visible action list contains no such tags. That creates an unreliable safety boundary: an agent may assume all listed actions are read-only based on missing tags, even though the document separately implies state-changing actions may be available via schema inspection and connector execution.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger text says to use this skill for 'ANY Stormboard request,' which is overly broad and can cause automatic invocation even for tasks that should not use this connector or that require stricter review. Overbroad routing increases the chance of accidental data exposure, misuse of connected credentials, or bypass of more appropriate task-specific controls.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.