Pendo

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Pendo integration, but it needs review because it gives an agent broad authenticated Pendo API access, including write and delete methods, without clear guardrails.

Install only if you trust Membrane and are comfortable granting the connected Pendo account's permissions to an agent. Use a least-privilege Pendo account where possible, prefer listed Membrane actions over raw proxy calls, and require explicit confirmation before any POST, PUT, PATCH, or DELETE request.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Description-Behavior Mismatch

Medium

Confidence: 90% confidence
Finding: The skill claims a scoped Pendo integration, but it also documents a generic proxy mechanism that can access arbitrary Pendo API endpoints through an authenticated connection. This expands capability beyond the manifest’s named resources and can enable unintended data access or destructive operations if an agent follows the documentation without additional authorization checks.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal