Back to skill

Security audit

WorkOS

Security checks across malware telemetry and agentic risk

Overview

This WorkOS skill is a disclosed OOMOL CLI integration with real account-change powers, but its behavior is coherent and includes confirmation guidance for writes and destructive actions.

Install this only if you trust OOMOL's `oo` CLI and are comfortable connecting a WorkOS API key to OOMOL. Treat reads as account-data access, and carefully review the exact payload before approving any create, update, membership-role, or deactivation action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill explicitly claims it should be used for ANY WorkOS request and whenever a task involves WorkOS, which creates an unnecessarily broad delegation boundary. In a high-privilege integration that supports reads, writes, and destructive actions, this can cause an agent to route sensitive or risky operations through the skill without narrower policy checks, increasing the chance of unauthorized changes or data access.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.