Cyberimpact

Security checks across malware telemetry and agentic risk

Overview

This Cyberimpact skill is a disclosed Membrane-based integration, but it can make real account changes and raw authenticated API calls without clear confirmation rules.

Install only if you trust Membrane and intend to let an agent manage Cyberimpact. Require explicit confirmation before creating, updating, deleting, scheduling, or sending anything, and use raw proxy requests only when the exact endpoint and impact are clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 85%
Finding
The skill description is broad enough to activate on generic Cyberimpact-related requests without clearly constraining whether the user wants read-only lookup versus state-changing operations. In a skill that can create, update, delete, and proxy arbitrary API requests, overly broad invocation criteria increase the chance of unintended use and accidental execution of higher-risk actions.

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation advertises create, update, delete, and raw proxy request capabilities but does not require confirmation or warn about destructive effects. This makes accidental or overly eager agent use more dangerous, especially because direct proxy access can bypass safer prebuilt workflows and reach arbitrary API endpoints with authenticated context.

VirusTotal

65/65 vendors flagged this skill as clean.
