Back to skill

Security audit

Attio

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Attio CRM helper, but it can change live CRM data and requires careful API key handling.

Install only if you intend to let an agent work with Attio CRM. Use a least-privilege Attio token, avoid committing or sharing `~/.env`, verify the `attio` CLI you run, and require explicit approval before creating or updating records, adding pipeline entries, creating notes/tasks, or completing tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation presents record creation and update commands as routine operations without clearly warning that they perform write actions against live CRM data. In an agentic context, this increases the risk of unintended state changes, data corruption, or unauthorized modifications if a user or downstream system invokes examples without realizing they are mutating production records.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill documentation includes commands that create notes, complete tasks, and change pipeline entries without highlighting that they alter CRM state. In a CRM integration skill, these actions can affect sales workflow, audit trails, and customer records, so missing warnings make accidental or automated misuse more likely.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The setup instructions tell users to store an API key in the environment but do not warn that the credential grants broad access to CRM data and actions. This omission can lead to poor secret-handling practices or underestimation of the consequences if the key is exposed, especially in shared shells, logs, or synced dotfiles.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.