ClawHub

Satuit

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Satuit integration, but it gives an agent broad authenticated access to sensitive CRM and portfolio-management data without enough safeguards around write or delete actions.

Install only if you intend to let an agent use an authenticated Membrane/Satuit connection. Use the least-privileged Satuit account available, review every create/update/delete or proxy request before it runs, verify record IDs and request bodies, and revoke the Membrane connection when the work is finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The skill description is overly broad: 'Manage data, records, and automate workflows' can match many generic user requests and may cause the agent to invoke this external-integration skill when the user did not clearly intend Satuit access. In a financial CRM context, mistaken invocation can expose or modify sensitive client, portfolio, or compliance-related records, making the ambiguity more dangerous than in a low-risk domain.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation explicitly enables raw proxy requests with POST, PUT, PATCH, and DELETE but provides no guardrails around destructive operations, confirmation requirements, or least-privilege handling. Because Satuit contains financial CRM and client-management data, direct API access without safety checks increases the risk of unauthorized modification, deletion, or bulk-impact actions from ambiguous or mishandled prompts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal