Partnerize

Security checks across malware telemetry and agentic risk

Overview

This Partnerize skill is not malicious, but it gives an agent broad authenticated Partnerize API reach without clear limits or confirmation rules for write/delete actions.

Install only if you are comfortable linking Partnerize through Membrane and letting the agent act with that account's permissions. Use a least-privileged Partnerize account, prefer discovered Membrane actions over raw proxy calls, require explicit confirmation before any POST, PUT, PATCH, or DELETE request, and revoke the Membrane connection when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The manifest and top-level description frame the skill as managing organizations, but the body documents much broader capabilities including transactions, settings, support tickets, arbitrary action discovery, and proxy API requests. This scope mismatch can mislead an orchestrator or user into invoking the skill in situations with far greater read/write reach than the advertised purpose, increasing the chance of overbroad or unsafe operations.

Vague Triggers

Medium
Confidence: 83%
Finding
The invocation guidance says to use the skill when the user wants to interact with Partnerize data, which is extremely broad and does not distinguish read-only lookups from state-changing administration. In an agent setting, this can cause the skill to be selected for loosely related requests and then leverage its broad action-discovery and proxy features to perform operations beyond the user's likely expectation.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly documents a generic proxy request mechanism with support for POST, PUT, PATCH, and DELETE against Partnerize endpoints, but it does not warn that these requests may create, modify, or delete remote data. In context, this is a high-risk capability because it bypasses safer prebuilt actions and gives the agent near-arbitrary authenticated API reach over the connected Partnerize account.

VirusTotal

65/65 vendors flagged this skill as clean.
