ClawHub

Microsoft Entra Id

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Microsoft Entra ID administration skill, but it gives an agent broad identity-management power without enough safety guardrails.

Install only if you are comfortable connecting Membrane and an agent to your Microsoft Entra ID tenant. Use a least-privileged or test tenant account where possible, review OAuth consent scopes, verify the CLI package before global install, and require human confirmation before any create, update, delete, invitation, role, service principal, policy, group, or membership change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill explicitly advertises destructive Microsoft Entra ID operations such as deleting users and groups without any cautionary guidance, confirmation requirements, or discussion of tenant impact. In an identity-management context, these actions can disable access, disrupt business operations, and cause accidental privilege or account lifecycle changes if an agent executes them too readily.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The proxy request section enables arbitrary direct API calls, including write and delete methods, while emphasizing convenience and authentication handling but not warning about the ability to bypass safer prebuilt actions. In the Entra ID context, this can expose the full administrative surface of the tenant to unsafe agent-generated requests, increasing the risk of unauthorized modifications, deletions, or policy changes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal