Solarwinds Service Desk

Security checks across malware telemetry and agentic risk

Overview

This is a coherent SolarWinds Service Desk integration, but it needs review because it gives an agent broad authenticated ability to change or delete service desk records without clear safeguards.

Install only if you trust Membrane and are comfortable granting SolarWinds Service Desk access. Use a least-privileged SolarWinds account, prefer discovered Membrane actions over raw proxy calls, require explicit confirmation before create/update/delete requests, and revoke the connection when finished. This Review verdict is based on broad mutating API authority, not malware evidence; static scan was clean and VirusTotal was still pending.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: The skill documents use of a generic proxy request interface that supports POST, PUT, PATCH, and DELETE against the SolarWinds Service Desk API without any caution about confirmation, least privilege, or destructive effects. In an agent context, this increases the chance that the model performs unintended state-changing operations or deletions based on ambiguous prompts.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal