Back to skill

Security audit

Teamtailor

Security checks across malware telemetry and agentic risk

Overview

This skill appears to provide disclosed read-only Teamtailor access through OOMOL's CLI, with no evidence of hidden, destructive, or data-exfiltrating behavior.

Install only if you are comfortable letting agents read Teamtailor job, department, and location data through your OOMOL-connected account. Treat future versions carefully if they add actions tagged write or destructive, and only approve setup/authentication steps when you intended to connect OOMOL to Teamtailor.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence
95% confidence
Finding
The manifest and description constrain the skill to searching and reading data, but the body introduces generic guidance for write and destructive actions. That mismatch can cause an agent or operator to overtrust the skill as read-only and later invoke state-changing operations if such actions are exposed by the connector or added in the future, creating a privilege/safety boundary failure.

Intent-Code Divergence

Medium
Confidence
87% confidence
Finding
The available-actions list shows only read operations, while the safety section speaks broadly about write and destructive actions existing. This inconsistency weakens operator understanding and makes it easier for future mutating actions to be introduced without corresponding documentation updates, leading to accidental unsafe use.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrase says to use this skill for any Teamtailor request, which is broader than the stated read/search purpose and can override safer, more specific routing decisions. Overbroad routing increases the chance that agents will send unsupported or higher-risk tasks through this skill, especially if the connector later gains mutating capabilities.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.