Back to skill

Security audit

Tinybird

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Tinybird connector helper for reading and querying data through OOMOL, with no hidden code or destructive behavior found.

Install this only if you are comfortable letting agents query Tinybird data visible to your connected OOMOL account. Review SQL queries and endpoint payloads when they may expose sensitive business data, and only run the oo CLI installation step if you trust OOMOL's installer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill’s activation rule is overly broad because it claims applicability for 'ANY Tinybird request' and directs the agent to use the skill instead of the API directly, without narrowing to specific safe intents or user-authorized operations. Broad routing increases the chance the skill is invoked in ambiguous contexts and can steer the agent into connector-mediated data access when a user merely mentions Tinybird, which can lead to unnecessary exposure of connected-account data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.