Justcall

Security checks across malware telemetry and agentic risk

Overview

This JustCall skill is coherent, but it gives an agent authenticated power to send messages and change or delete business contact data without clear confirmation guardrails.

Install only if you want an agent to operate a live JustCall account through Membrane. Use a least-privileged account where possible, and require explicit confirmation before sending SMS/MMS, updating records, creating contacts, deleting contacts, or using raw proxy requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill exposes destructive operations like deleting contacts without any guidance to require user confirmation, verify target identity, or warn about irreversible effects. In an agent setting, this can lead to accidental or premature data deletion from ambiguous prompts or mis-resolved entities.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The raw proxy request capability allows arbitrary API paths and request bodies to be sent through an authenticated connection, but the skill does not warn about sensitive data exposure, unrestricted endpoint access, or the need for user consent when transmitting data. This broadens the reachable attack surface beyond curated actions and can enable unintended reads, writes, or bulk data access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal