ClawHub

Pancake Crm

Security checks across malware telemetry and agentic risk

Overview

This Pancake CRM skill is purpose-aligned, but it can use delegated credentials to create, update, delete, and proxy broad API requests against CRM data without clear confirmation guardrails.

Install only if you trust Membrane and want an agent to operate on Pancake CRM data. Use a least-privileged account where possible, prefer scoped Membrane actions over raw proxy requests, and require the agent to show exact affected records and get explicit confirmation before creating, updating, or deleting CRM records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly lists delete as a supported Records operation but provides no guardrails such as confirmation, scoping, or warning about irreversible data loss. In an agent-driven context, this increases the chance that a model could perform destructive actions based on ambiguous prompts or user misunderstanding, causing unintended CRM record deletion.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal