Back to skill

Security audit

Kit

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Kit email-marketing API helper that requires a Maton API key and user approval for writes, with no hidden installer or automatic execution.

Install only if you trust Maton with access to the connected Kit account and its subscriber/customer data. Keep MATON_API_KEY private, use Maton-Connection when multiple Kit accounts exist, and carefully review any write, delete, webhook, broadcast, or connection-management action before approving it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The documentation states access is scoped only to Kit email-marketing resources, but the same skill also exposes broader connection-management and webhook capabilities. That mismatch can mislead users or higher-level agents about the real privilege boundary, causing actions to be approved under an overly narrow understanding of what the skill can do.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
Including generic Maton connection lifecycle endpoints broadens the skill from Kit resource management into account/integration administration. This expands the attack surface because an invoking agent could create, inspect, or delete connections beyond the user's expected email-marketing task flow.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.