ClawHub

Sumo Logic

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed Sumo Logic integration, but it includes broad authenticated raw API access that deserves user review before installation.

Install only if you intend to let the agent operate through your authenticated Sumo Logic account. Prefer predefined Membrane actions, use a least-privilege Sumo Logic connection, and require explicit approval before any raw proxy request or POST, PUT, PATCH, or DELETE operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill documentation exposes a generic proxy request capability that can send arbitrary authenticated requests to the Sumo Logic API, but the manifest description only frames the skill as managing standard Sumo Logic resources. This understatement can cause downstream systems or users to grant the skill broader trust than warranted, increasing the risk of unreviewed destructive or sensitive API operations through the proxy path.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The documented `membrane request CONNECTION_ID /path/to/endpoint` feature grants broad raw API access beyond the safer pre-built actions, enabling arbitrary reads, writes, and administrative calls under the user's authenticated Sumo Logic connection. In skill context, this materially expands capability from guided integration tasks to a general-purpose authenticated proxy, which is dangerous if invoked without strict validation or user awareness.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal