Roam HQ

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Roam API helper, but it can read private meeting/chat content and send messages if given a Roam API token.

Install only if you are comfortable giving the agent a Roam personal access token. Use the least-privileged token available, avoid using it on highly sensitive meetings unless necessary, and require the agent to show the target group and exact message text before any Roam message is posted.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill description is broad enough to trigger on generic meeting- or transcript-related requests without making clear that it can access private meeting data and perform actions in an external workspace. That increases the chance of over-invocation and unintended access or messaging, especially when user intent is ambiguous.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill advertises capabilities to access transcripts and send messages but does not warn that these operations may expose private meeting content or create outbound side effects. In practice, this can lead to users or downstream agents invoking the skill without understanding that it reads sensitive communications and can post to groups.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal