Shortcut

Security checks across malware telemetry and agentic risk

Overview

This Shortcut integration is coherent and not deceptive, but it gives an agent broad authenticated access to read and change workspace data, including raw API requests, without clear confirmation guardrails.

Install only if you trust Membrane and want an agent to access your Shortcut workspace. Connect only the intended workspace, review granted permissions, and require explicit confirmation before creating, updating, or deleting Shortcut records or using raw proxy requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The proxy-request section enables arbitrary authenticated API calls, including reads, writes, and deletes, but it does not explicitly warn that these calls may transmit workspace data externally or perform destructive operations. In an agent context, that omission increases the chance the model will use raw requests without user awareness or adequate confirmation, especially for sensitive or state-changing endpoints.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal