Sms It

Security checks across malware telemetry and agentic risk

Overview

This looks like a real SMS-IT/Membrane integration, but it needs review because it grants broad authenticated API access while the documented scope is inconsistent.

Install only if you intend to use Membrane as the credential broker for this SMS-IT account. Before authorizing, verify the SMS-IT domain is the provider you expect, and require explicit approval before any message sending, contact changes, deletion, or raw proxy request.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The manifest advertises management of Users, Organizations, Goals, and Filters, but the body documents SMS messaging objects and a generic authenticated proxy. That mismatch can cause an agent to invoke the skill under false assumptions and then perform broader API operations than the user likely intended, increasing the chance of unauthorized or over-scoped actions.

Intent-Code Divergence

Medium

Confidence: 88% confidence
Finding: The documentation contradicts itself about what data models the skill manages, which undermines safe routing and operator understanding. In an agent setting, ambiguous scope is dangerous because it can lead to the wrong skill being selected and to actions being taken against a connected external system that do not match user expectations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal