Front

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Front API connector that uses a Maton API key and OAuth proxy to read and change Front workspace data when authorized.

Install only if you trust Maton to proxy OAuth-backed Front requests. Keep MATON_API_KEY secret, use Maton-Connection when multiple Front workspaces are connected, and review every proposed send, create, update, or delete action because changes can affect shared customer communications and teammates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The manifest understates the skill's effective scope by claiming coverage is limited to conversations, messages, contacts, tags, inboxes, teammates, and teams, while the document also exposes channels, accounts, comments, and connection-management operations. This can mislead users or higher-level policy systems into authorizing a broader capability set than they intended.

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The security guidance says access is scoped only to a limited set of Front resources, but the API reference documents additional resources and actions outside that stated scope. This discrepancy weakens informed consent and can cause operators to underestimate what data can be read or modified through the skill.

VirusTotal

64/64 vendors flagged this skill as clean.
