Keycloak

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed Keycloak/Membrane integration skill, with the main issue being broad wording that could route it into unrelated identity-management tasks.

Install only if you intend to let an agent work with Keycloak through Membrane. Use a least-privileged Keycloak account, review proposed changes before allowing writes such as user, role, realm, or client updates, and avoid invoking this skill for generic data-management requests unrelated to Keycloak.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The description is overly broad: 'Manage data, records, and automate workflows' could match many generic enterprise tasks rather than clearly scoping the skill to Keycloak identity-management operations. In an agent-routing context, this increases the chance the skill is invoked for unrelated requests, which can lead to unnecessary access to identity data or unintended administrative actions in a sensitive IAM system.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal