Stannp

Security checks across malware telemetry and agentic risk

Overview

This is a real Stannp/Membrane integration, but it gives an agent broad authenticated control over mail, commerce, payment, refund, and account resources without clear approval limits.

Install only if you are comfortable letting an agent act through your Stannp account via Membrane. Before approving any task, require the agent to name the exact action or endpoint, say whether it changes data or costs money, and identify affected campaigns, orders, payments, refunds, contacts, or account settings. Use the least-privileged Stannp account available and revoke the Membrane connection when finished.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium (93% confidence)

The manifest describes a relatively narrow Stannp integration, but the body advertises broad capabilities spanning shipping, ecommerce, finance, inventory, and administrative domains. This scope mismatch can mislead an agent or user into invoking operations far beyond expected direct-mail functionality, increasing the chance of unintended high-privilege actions or unsafe data handling.

Missing User Warnings

Medium (95% confidence)

The skill encourages proxying direct requests to the Stannp API without warning that request paths, parameters, and bodies may contain sensitive user or system data sent to an external service. In an agent setting, this omission can cause users or downstream systems to authorize data transmission without informed consent or adequate review.

VirusTotal

63/63 vendors flagged this skill as clean.
