Peaka

Security checks across malware telemetry and agentic risk

Overview

This Peaka skill is mostly disclosed, but it gives an agent broad authenticated API access while the Peaka domain model and usage boundaries are not clearly scoped.

Review before installing if your Peaka account contains sensitive or business-critical data. Prefer discovered Membrane actions over raw proxy calls, connect only the intended account, require explicit approval for create/update/delete requests, and revoke the Membrane/Peaka connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium, 91% confidence
Finding
The skill content is internally inconsistent: it describes Peaka as a cloud cost platform, but then lists unrelated object types such as Project, Recording, and Speaker and later promotes generic API/proxy access. This mismatch can cause an agent to operate on the wrong data model or use overbroad fallback mechanisms, increasing the risk of unintended actions against the connected service.

Vague Triggers

Medium, 84% confidence
Finding
The invocation description is overly broad and may cause the skill to activate for any request vaguely involving 'Peaka data.' Overbroad triggering increases the chance that an agent will use this skill in inappropriate contexts, leading to unnecessary external connections, unintended data access, or execution of powerful actions when a narrower tool should have been chosen.

VirusTotal

65/65 vendors flagged this skill as clean.
