Pipedrive

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Pipedrive CRM integration that uses Maton-managed OAuth and does not show hidden code, persistence, or unrelated behavior.

Install only if you trust Maton to broker Pipedrive access. Keep MATON_API_KEY protected, use the intended Maton connection when multiple accounts exist, and require clear confirmation before creating, updating, or deleting CRM records or OAuth connections.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 97% confidence
Finding: The skill states that access is limited to a narrow set of Pipedrive objects, but the same document exposes additional resources such as notes, users, stages, and connection-management endpoints. This mismatch can mislead users or higher-level agents about the true privilege scope, increasing the chance of overbroad data access or unintended actions.

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The security guidance claims scoped access to a limited object set, but other sections document broader access including notes, users, and stages. This is dangerous because operators may authorize or invoke the skill under false assumptions about what data can be read or modified.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal