Slash Graphql
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed Slash GraphQL integration that uses Membrane CLI authentication and actions to access user-authorized GraphQL data.
Install this only if you intend to let an agent operate on your Slash GraphQL data through Membrane. Review requested actions before running them, especially mutations or proxy requests using POST, PUT, PATCH, or DELETE, and be aware that the global npm CLI install trusts the current @membranehq/cli package.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.