Notarize

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent, but it gives an agent broad authenticated ability to change sensitive Notarize legal and account data without clear confirmation guardrails.

Review before installing if the connected Notarize account can alter documents, workflows, users, or roles. Prefer Membrane's discovered actions over raw proxy calls, use the least-privileged account available, and require explicit confirmation before any POST, PUT, PATCH, DELETE, document mutation, workflow change, role change, or user-management action.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly instructs the agent to use a raw proxy request mechanism that supports mutating HTTP methods like POST, PUT, PATCH, and DELETE without any warning, confirmation requirement, or guardrails around destructive actions. In a notarization platform context, this could lead to unauthorized modification or deletion of documents, workflows, users, or templates if the agent misinterprets intent or is prompt-injected into taking action.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal