Kizeo Forms

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Kizeo Forms integration, but it gives an agent broad account-changing and raw API authority without clear confirmation guardrails.

Install only if you trust Membrane and intend to let the agent operate on your Kizeo Forms account. Use a least-privileged account where possible, review the global CLI install source, and require the agent to ask before creating, updating, deleting, or using raw proxy requests against Kizeo data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 88%

Finding: The skill advertises destructive actions such as deleting users and groups without any safety guidance, confirmation requirement, or warning about irreversible administrative impact. In an agent context, this increases the chance that a loosely instructed or mistaken workflow could perform harmful account changes without adequate user awareness.

Missing User Warnings

Medium
Confidence: 95%

Finding: Documenting unrestricted proxy request capability enables arbitrary API access, including write and delete operations, while omitting guardrails about endpoint allowlisting, method restrictions, or user confirmation. In a connected environment with valid credentials, this can bypass safer pre-built actions and substantially expand the blast radius of prompt mistakes or adversarial instructions.

VirusTotal

63/63 vendors flagged this skill as clean.
