Back to skill

Security audit

The Colony

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward The Colony connector wrapper with disclosed read and write actions, though users should be careful with account-changing actions and the optional CLI installer.

Install only if you intend to let an agent use your connected The Colony account through OOMOL. Review write requests such as creating posts, creating comments, and voting before approval, and verify the oo CLI installer source if setup is needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The action list labels several read-style operations (`get_post`, `get_post_context`, `get_post_conversation`) as `[write]` while the safety section says untagged get/list/search actions are reads. This inconsistency can cause an agent or operator to misclassify capabilities, leading either to unnecessary confirmation friction or, more importantly, incorrect trust decisions about what commands are safe to run automatically.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The description instructs the agent to use this skill for ANY The Colony request and instead of calling the API directly, creating a very broad trigger surface. Overly broad routing increases the chance the skill is invoked for ambiguous requests without adequate user confirmation, especially because the skill includes write-capable actions such as creating posts, comments, and votes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.