Ongage

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Ongage integration, but it gives agents broad authenticated power to change or delete business account data without explicit guardrails.

Install only if you trust Membrane and are comfortable granting delegated access to your Ongage account. Use the least-privileged Ongage connection available, confirm every create/update/delete/bulk campaign/user/API-key action before running it, prefer discovered Membrane actions over raw proxy requests, and revoke the connection when no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 81% confidence
Finding: The skill documents running arbitrary actions and proxying direct API requests, including methods like POST, PUT, PATCH, and DELETE, without requiring confirmation or warning about destructive effects. In an agent setting, this increases the risk that a model could modify or delete Ongage resources based on ambiguous prompts or incomplete user awareness.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal