Danube Tools Marketplace

Security checks across malware telemetry and agentic risk

Overview

Danube appears to be a legitimate marketplace connector, but it gives an agent broad remote tool-execution and user-scoped write authority without clear per-action confirmation rules.

Install only if you are comfortable letting Danube-mediated tools act through a single API key. Before use, require explicit approval for writes, messages, purchases, deletions, credentialed service actions, and batch executions; connect only the third-party accounts you actually need and avoid sending unnecessary sensitive data in tool inputs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill description advertises a very broad capability set—'discover, search, and execute anything available'—without defining clear trigger constraints or limiting when the agent should invoke it. In an agent environment, such broad scope increases the chance of over-invocation, unintended external actions, and tool use beyond user intent, especially because the skill itself encourages always searching broadly first.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal