Kole By SyneHQ

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate database-querying skill, but it gives agents broad access to real databases with overly broad activation guidance and limited runtime safeguards for write or admin SQL.

Install only if you intend to let your agent query databases through SyneHQ Kole. Use read-only, least-privilege credentials by default; verify the target connection and environment before use; and require explicit approval for INSERT, UPDATE, DELETE, DROP, migrations, exports, maintenance commands, or production access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README encourages running database queries and inspecting schemas without warning that these actions may touch production systems or send queries through the SyneHQ MCP server. This omission increases the chance that users or agents will execute sensitive operations without understanding data exposure, environment targeting, or transmission boundaries.

Vague Triggers

High

Confidence: 95% confidence
Finding: The skill’s activation guidance is overly broad: it says to use the skill whenever a user asks about 'their data,' even without explicit database or SQL intent. In practice, this can route unrelated sensitive data tasks to an external database-querying service, increasing the chance of unnecessary data exposure, unintended credential use, or destructive query execution in the wrong context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal