Warp
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Membrane-based Warp integration skill with no hidden scripts or scanner-backed malicious behavior found.
Install this only if you trust Membrane and are comfortable connecting your Warp account through Membrane. Review any discovered action before running it, and be especially careful with raw proxy requests or mutating methods such as POST, PATCH, PUT, or DELETE.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.