Scalr

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Scalr integration, but it gives an agent broad authenticated Scalr API control without clear safety limits.

Install only if you are comfortable letting an agent use a Membrane-brokered Scalr connection. Use a least-privilege Scalr account where possible, avoid production administrator credentials, and require explicit human review before any create, update, delete, policy, user-management, workspace, SSH key, Terraform, or direct proxy API action.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium, 88% confidence

The documentation describes the skill as a way to interact with Scalr data, but it also exposes arbitrary proxied API requests, including POST, PUT, PATCH, and DELETE. That expands the capability surface from scoped integration actions to near-arbitrary authenticated API access, which can lead to unintended or destructive changes if the proxy is invoked without explicit constraints or a confirmation step.

Missing User Warnings

Medium, 91% confidence

The proxy request section documents direct API access with mutating methods but does not warn that these operations create, modify, or delete real Scalr resources. In an agent context, the absence of explicit safety guidance raises the chance of accidental destructive actions, particularly when authenticated requests go through a convenience wrapper that makes a DELETE look no different from a GET.
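The Overview asks for a least-privilege account and human review before any create, update, delete, policy, user-management, workspace, SSH key, Terraform, or direct proxy action, and both findings concern a proxy path that accepts POST, PUT, PATCH, and DELETE with no warning. The following is an added example of the gate a practitioner would put between the agent and such a proxy; it is not the skill's or Scalr's own code. The `send_to_scalr` stand-in, the resource-segment table, and the `/api/iacp/v3/...` paths are assumptions made for illustration, and the stand-in records requests instead of calling any API so the example runs offline.

```python
"""Policy gate for an agent-facing Scalr API proxy (added example).

Reads pass through; every mutating method is refused unless the caller
passes an explicit human-approval flag, and sensitive resources are named
in the refusal so the reviewer knows which category is being touched.
"""
from dataclasses import dataclass, field
from typing import Callable, Optional
from urllib.parse import urlsplit

READ_METHODS = {"GET", "HEAD", "OPTIONS"}

# Resource path segments mapped to the review-gated categories from the
# Overview. Matching on segment names is an ASSUMPTION about Scalr's URL
# layout; the real API may name or nest these resources differently.
SENSITIVE_SEGMENTS = {
    "policies": "policy",
    "policy-groups": "policy",
    "users": "user-management",
    "teams": "user-management",
    "workspaces": "workspace",
    "ssh-keys": "ssh-key",
    "terraform": "terraform",
}


class ApprovalRequired(Exception):
    """Raised when a mutating request is attempted without human approval."""


@dataclass
class Decision:
    tier: str                 # "read", "mutate" or "sensitive"
    category: Optional[str]   # review category when tier == "sensitive"
    method: str
    path: str


def classify(method: str, url_or_path: str) -> Decision:
    """Classify a proxied request by HTTP method and resource path."""
    method = method.upper()
    path = urlsplit(url_or_path).path        # strips scheme, host, query
    segments = [s for s in path.split("/") if s]
    category = next(
        (SENSITIVE_SEGMENTS[s] for s in segments if s in SENSITIVE_SEGMENTS),
        None,
    )
    if method in READ_METHODS:
        return Decision("read", None, method, path)
    if category is not None:
        return Decision("sensitive", category, method, path)
    return Decision("mutate", None, method, path)


@dataclass
class ProxyGate:
    """Wraps a raw proxy function so an agent cannot mutate without approval."""
    send: Callable[[str, str, Optional[dict]], dict]
    audit: list = field(default_factory=list)   # (verdict, Decision) pairs

    def request(self, method, url_or_path, body=None, approved=False):
        d = classify(method, url_or_path)
        if d.tier != "read" and not approved:
            self.audit.append(("denied", d))
            raise ApprovalRequired(
                f"{d.method} {d.path} needs explicit human review "
                f"({d.category or 'mutating request'})"
            )
        self.audit.append(("allowed", d))
        return self.send(d.method, d.path, body)


def send_to_scalr(method, path, body):
    # Hypothetical stand-in for the skill's real proxy call. It records the
    # request instead of contacting Scalr so the example runs offline.
    return {"sent": method, "path": path, "body": body}


if __name__ == "__main__":
    gate = ProxyGate(send_to_scalr)
    print(gate.request("GET", "/api/iacp/v3/workspaces"))
    try:
        gate.request("DELETE", "/api/iacp/v3/workspaces/ws-123")
    except ApprovalRequired as exc:
        print("blocked:", exc)
    print(gate.request("DELETE", "/api/iacp/v3/workspaces/ws-123", approved=True))
```

The `approved` flag is meant to be set by the human-in-the-loop layer, never by the agent itself; the audit list gives the operator a record of every denied and approved mutation to review after the session.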

VirusTotal

65/65 vendors flagged this skill as clean.