Back to skill

Security audit

Keap

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Keap CRM integration, but it gives broad account access through Maton and users should approve sensitive actions carefully.

Install only if you intend to let Maton mediate access to your Keap account. Protect MATON_API_KEY, specify the intended Maton connection when you have multiple Keap accounts, and carefully review any email send, deletion, order/product change, campaign sequence change, or other write before approving it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill states access is scoped to contacts, companies, tags, tasks, orders, opportunities, and campaigns, but the file also exposes user info, emails including send, products, subscriptions, affiliates, and automations. This scope mismatch can mislead users or downstream policy layers into authorizing broader capabilities than they believe are available.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The manifest description omits that the skill can send email, while the body documents a POST /emails:send operation. Hidden or under-disclosed outbound messaging capability is security-relevant because it enables user impersonation, spam, phishing, or unintended communications from a connected CRM account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.