ClawHub

Altoviz

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Altoviz integration, but it needs review because it can make authenticated changes and raw API calls against business data without clear approval guardrails.

Install only if you are comfortable granting Membrane-mediated access to your Altoviz account. Before any create, update, delete, or raw proxy request, require the agent to show the exact action, endpoint, method, and payload, and use the least-privileged Altoviz account available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The skill description is broad enough that it could be invoked for many generic data-management requests, increasing the chance of accidental activation. Because this skill exposes read, create, update, and proxy capabilities against a business system, unintended invocation could lead to unnecessary data access or state-changing operations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises create and update actions for invoices, quotes, products, customers, and suppliers without warning that these operations modify live remote business data. In an agent setting, that omission can cause the model or user to treat these actions as routine queries, resulting in unintended writes to production systems.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The proxy request section allows arbitrary paths and HTTP methods, including POST, PUT, PATCH, and DELETE, but does not warn that these can perform destructive operations outside the curated action set. This significantly expands the attack surface because an agent could be induced to invoke undocumented or dangerous API endpoints with authenticated access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal