Gatherup

Security checks across malware telemetry and agentic risk

Overview

This is a real GatherUp integration, but it gives an agent broad authenticated power to change or delete customer and business data without clear confirmation safeguards.

Install only if you are comfortable allowing an agent to use your GatherUp account through Membrane. Prefer read-only lookups by default, and require an explicit confirmation of the exact business, customer, action, and request body before sending feedback requests or creating, updating, or deleting records. Review and revoke the Membrane connection when access is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (76% confidence)
Finding
The invocation text is broad enough that an agent may activate this skill for many generic requests involving GatherUp data, including operations beyond the user's likely intent. In a skill that exposes read, write, delete, and arbitrary proxy-request capabilities, overbroad routing increases the chance of unintended sensitive actions or data access.

Missing User Warnings

Medium (87% confidence)
Finding
The skill advertises destructive actions like deleting customers and businesses without warning about permanence, scope, or the need for explicit user confirmation. In an agentic context, this raises the risk of accidental data loss if the model selects a delete action based on ambiguous user input.

VirusTotal

63/63 vendors flagged this skill as clean.
