Acf

Security checks across malware telemetry and agentic risk

Overview

This ACF skill is a real integration, but it gives an agent broad authenticated ability to call and potentially change or delete WordPress/ACF data without clear guardrails.

Review before installing. Use this only if you trust Membrane and intend to delegate access to a specific ACF/WordPress environment. Before any write, update, delete, or raw proxy request, explicitly confirm the connection, endpoint, HTTP method, request body, and backup or rollback plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description is overly broad: 'Manage data, records, and automate workflows' can match many generic user requests unrelated to ACF specifically. Over-broad routing can cause the agent to invoke this skill in the wrong context, leading to unintended access to connected WordPress/ACF data or execution of data-modifying actions.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documents a generic proxy request mechanism supporting GET/POST/PUT/PATCH/DELETE without emphasizing that it can directly mutate or delete remote ACF/WordPress data. In an agent setting, this expands capability from curated actions to arbitrary authenticated API access, increasing the risk of destructive or unintended operations if prompted ambiguously or maliciously.

VirusTotal

65/65 vendors flagged this skill as clean.
