Back to skill

Security audit

Turbot Pipes

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Turbot Pipes read/query helper that uses the OOMOL connector and does not show hidden, destructive, or persistence behavior.

Install only if you intend agents to query Turbot Pipes through your OOMOL-connected account. Review SQL queries before running them against sensitive datasets, and treat any CLI install or account-connection step as something to approve deliberately rather than run automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger language instructing agents to use this skill for 'ANY Turbot Pipes request' is overly broad and can cause the skill to be invoked in situations where a more specific tool, safer workflow, or direct user clarification is needed. Over-broad routing increases the chance of unintended data access or unnecessary execution of connector-backed queries based on loose mention matching rather than clear user intent.

VirusTotal

54/54 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.