Chargebee

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Chargebee integration, but it gives an agent broad billing-changing authority without enough confirmation guidance.

Install only if you want an agent to operate Chargebee through Membrane. Use a least-privilege Chargebee account, verify the Chargebee site or tenant before use, and require explicit approval for any create, update, delete, cancel, pause, reactivate, refund, void, or raw proxy request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

High

Confidence: 94% confidence
Finding: The skill advertises destructive financial operations like deleting customers, refunding invoices, voiding invoices, and canceling or pausing subscriptions without any warning, confirmation requirement, or guardrails. In a billing context, accidental or unauthorized invocation could directly alter revenue records, service status, and customer accounts, making the operational impact significant.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal