ClawHub

Airtable

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Airtable helper, but it gives agents broad authenticated ability to change or delete Airtable data without documented confirmation guardrails.

Install only if you trust Membrane and need Airtable automation. Use a least-privilege Airtable account, review the Membrane connection permissions, require clear confirmation before any create/update/delete or raw proxy request, verify the exact base/table/record IDs and payload, and revoke the connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill documents delete and update actions without any guidance to require explicit user confirmation before destructive or modifying operations. In an agent context, this increases the risk of unintended data loss or unauthorized changes if the model infers permission from vague user requests.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The proxy request feature enables arbitrary Airtable API calls, including PATCH, POST, PUT, and DELETE, but the skill provides no warning or restriction around state-changing requests. This creates a broad write/delete surface that could be abused by ambiguous prompts or prompt injection to modify or destroy remote data through authenticated access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal