Clerkio
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Clerk.io integration that uses Membrane to connect to the service, with no evidence of hidden or unrelated behavior.
Install this only if you trust Membrane and are comfortable letting it broker access to your Clerk.io account. Use the least-privileged Clerk.io access available, verify connector and action IDs through the Membrane CLI or UI, and treat the global npm CLI install as third-party software running on your machine.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.