Shippo

Security checks across malware telemetry and agentic risk

Overview

This Shippo skill is a legitimate integration, but it gives an agent broad authenticated shipping-account powers without clear confirmation boundaries for sensitive or costly actions.

Install only if you trust Membrane with your Shippo connection and are comfortable letting an agent access real shipping data. Require explicit confirmation before purchases, label creation, batch operations, refunds, deletions, or raw proxy requests, and consider pinning the Membrane CLI version instead of using @latest.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly encourages direct proxy requests to the Shippo API without requiring a user-facing disclosure that data will be sent to an external service. In an agent setting, this increases the risk that sensitive shipment, address, customs, or order data is transmitted off-platform without sufficiently informed user consent.

VirusTotal

64/64 vendors flagged this skill as clean.
