ClawHub

Mattermark

Security checks across malware telemetry and agentic risk

Overview

This Mattermark skill is a coherent integration, but it should be reviewed because it permits authenticated API actions that could change business data without clear confirmation guardrails.

Install only if you trust Membrane to broker Mattermark access. Prefer discovered read-only actions, require explicit approval before any POST, PUT, PATCH, or DELETE request, consider pinning the CLI version, and revoke the Mattermark connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal