Jenkins X

Security checks across malware telemetry and agentic risk

Overview

This Jenkins X skill is coherent, but it gives an agent broad authenticated CI/CD API access without clear safeguards for write or delete actions.

Install only if you trust Membrane and intend to let an agent access Jenkins X. Use a least-privilege Jenkins X account, prefer discovered Membrane actions over raw proxy requests, and require explicit approval before any POST, PUT, PATCH, DELETE, pipeline-triggering, environment-changing, or deletion operation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly documents raw proxy requests with mutating HTTP methods (POST, PUT, PATCH, DELETE) and presents them as a fallback without warning about destructive side effects, confirmation requirements, or read-only preference. In an agent setting, this increases the risk that the model will perform direct state-changing API calls against Jenkins X resources without adequate user consent or safety checks.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal