Oksign

Security checks across malware telemetry and agentic risk

Overview

This OKSign skill is a legitimate integration, but it gives an agent broad authenticated access to sensitive signing documents, including deletion and raw API requests, without enough guardrails.

Install only if you trust Membrane and the agent with your OKSign account. Use the least-privileged OKSign account available, prefer predefined read-only actions, confirm document IDs and names before uploads or removals, and require explicit approval before any raw proxy request or non-GET request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The skill advertises destructive actions such as removing documents and SignExpress sessions without explicitly requiring confirmation or warning about irreversible effects. In an agent setting, that increases the risk of accidental deletion or misuse if the model selects these actions based on ambiguous user prompts.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal