ClawHub

Formcarry

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Formcarry integration, but it gives an agent authenticated form-management and deletion power without clear safeguards for destructive actions.

Install only if you trust Membrane and need agent access to Formcarry. Review the Membrane authorization flow, use the least-privileged Formcarry account available, and require explicit confirmation before creating, deleting, or making raw proxy requests that modify Formcarry data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation guidance is broad enough that an agent may select this skill for loosely related requests involving forms or website data, even when the user did not specifically intend to operate on Formcarry. Over-broad routing increases the chance of unnecessary external access or unintended actions against a connected Formcarry account.

Vague Triggers

Low
Confidence
82% confidence
Finding
The phrase 'Use action names and parameters as needed' provides little policy for choosing safe versus destructive actions, leaving action selection largely to agent discretion. In a skill that includes deletion and direct API request capability, vague guidance can lead to incorrect or higher-risk operations being chosen without sufficient user confirmation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises destructive capabilities such as 'Delete Form' without any requirement to confirm with the user, verify the target form, or warn about irreversibility. This makes accidental deletion more likely, especially if an agent misinterprets intent or selects an action autonomously.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal