Leadpops

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Leadpops integration, but it needs Review because it can modify or delete business lead data without explicit safety steps.

Install only if you trust Membrane and are comfortable granting it access to Leadpops. Use the least-privileged account available, prefer predefined Membrane actions over raw proxy requests, and require a clear confirmation step before any update, delete, or other mutating action.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The invocation description is broad enough that an agent may select this skill for loosely related requests involving Leadpops data, increasing the chance of unintended access or actions. In a skill that includes both read and write capabilities, overbroad routing can lead to unnecessary exposure of customer data or accidental modification/deletion if the wrong skill is invoked.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: Documenting a delete capability without an accompanying confirmation or safety note creates a realistic risk that an agent will perform irreversible destructive actions based on ambiguous or mistaken prompts. Because lead deletion can remove business-critical sales data, the absence of a confirmation requirement materially increases the chance of accidental loss.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal