Apiary

Security checks across malware telemetry and agentic risk

Overview

This Apiary skill is mostly coherent, but it gives an agent broad authenticated API access without clear safety limits for changes or deletes.

Install only if you trust Membrane and intend to let an agent operate on a live Apiary account. Prefer predefined Membrane actions, verify the @membranehq/cli package before installing it globally, and require explicit approval before publish, update, delete, POST, PUT, PATCH, or DELETE requests. Revoke the Membrane connection when it is no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly documents a generic proxy mechanism that can send arbitrary authenticated requests to the Apiary API, including state-changing methods such as POST, PUT, PATCH, and DELETE, without any guardrails or warnings about confirmation for destructive operations. In an agent context, this increases the chance of unintended modification or deletion of remote data because the skill encourages direct API access when built-in actions are insufficient.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal