ClawHub

Sailpoint

Security checks across malware telemetry and agentic risk

Overview

This SailPoint skill is a disclosed integration, but it gives an agent broad authenticated access to sensitive identity-management APIs without clear guardrails for write or delete actions.

Install only if you trust Membrane and intend to let an agent work with SailPoint. Use a least-privileged SailPoint account, prefer predefined read/query actions, and require explicit human confirmation before any request that creates, updates, deletes, grants, revokes, or otherwise changes access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs users to send arbitrary proxy requests and documents destructive methods like POST, PUT, PATCH, and DELETE without requiring confirmation, approval gates, or warning about production impact. In an identity-management context, this can enable accidental or unsafe modification of accounts, entitlements, or sources, increasing the risk of privilege changes, outages, or data integrity issues.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal