Amentum Aerospace

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Membrane-based integration for Amentum data APIs, with some broad proxy instructions users should control carefully.

Install only if you intend to use Membrane with Amentum's data services. Verify the connection target before authenticating, prefer discovered read-only actions, use a least-privileged or test account when possible, and require explicit confirmation before any mutating proxy request or request containing sensitive data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

High
Confidence: 95%
Finding
The skill claims to be an Amentum Aerospace data-management integration, but the documented capabilities pivot into broad geophysical, environmental, and proxy-based access that do not match that scope. This mismatch can cause an agent to invoke the skill for unrelated tasks and then use overly broad network access paths, increasing the chance of unauthorized data access or unintended external requests.

Intent-Code Divergence

Medium
Confidence: 89%
Finding
The file states there is no public API or developer documentation, yet later instructs the agent to establish connections, discover actions, and send direct requests through Membrane. That inconsistency is dangerous because it encourages agents to operate against an unclear or inferred integration surface, which can lead to fabricated assumptions, misrouting of requests, or unsafe use of automatically generated connectors.

Vague Triggers

Medium
Confidence: 81%
Finding
The invocation description is so broad that it could match many generic requests involving Amentum-related data, even when the user did not intend to use this specific integration. In the context of a skill with network access and broad connection/proxy instructions, over-triggering increases the risk of unnecessary external actions or data exposure.

Missing User Warnings

Medium
Confidence: 92%
Finding
The documentation permits direct proxy requests, including mutable HTTP methods and arbitrary headers/body data, without warning about data transmission, destructive operations, or the need for user confirmation. In an agent setting, this can enable unintended writes, exfiltration, or interaction with sensitive endpoints under authenticated context.

VirusTotal

63/63 vendors flagged this skill as clean.
