Back to skill

Security audit

Pakat Email Marketing

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Pakat email-marketing integration, but it can perform high-impact account and email-marketing actions without enough scoping or safety guidance.

Install only if you intend an agent to operate your Pakat account. Configure PAKAT_API_KEY through a secure environment or secret store rather than pasting it into chat, use the least-privileged key available, and require explicit confirmation before sending or scheduling emails, deleting resources, unsubscribing contacts, or creating customer accounts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The OpenAPI spec exposes a customer-account creation endpoint (/customers) that goes beyond the manifest’s stated purpose of managing existing Pakat email marketing resources such as lists, subscribers, campaigns, templates, and transactional emails. This scope expansion could let a user create new customer accounts or onboarding artifacts with the configured API key, increasing the risk of unauthorized account provisioning and abuse of a privileged integration.

Context-Inappropriate Capability

Low
Confidence
92% confidence
Finding
The OpenAPI spec exposes a customer-account creation endpoint (/customers) that goes beyond the manifest’s stated purpose of managing existing Pakat email marketing resources such as lists, subscribers, campaigns, templates, and transactional emails. This scope expansion could let a user create new customer accounts or onboarding artifacts with the configured API key, increasing the risk of unauthorized account provisioning and abuse of a privileged integration.

Context-Inappropriate Capability

Low
Confidence
92% confidence
Finding
The OpenAPI spec exposes a customer-account creation endpoint (/customers) that goes beyond the manifest’s stated purpose of managing existing Pakat email marketing resources such as lists, subscribers, campaigns, templates, and transactional emails. This scope expansion could let a user create new customer accounts or onboarding artifacts with the configured API key, increasing the risk of unauthorized account provisioning and abuse of a privileged integration.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly tells the agent to ask the user for their Pakat API key if the environment variable is not set, but it does not warn the user that this is a sensitive credential or direct them to use a secure secret-handling channel. In an agent setting, this can normalize pasting long-lived API keys into chat or logs, increasing the risk of credential exposure, replay, and unauthorized access to mailing lists, campaigns, subscribers, and transactional email functions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation exposes multiple destructive operations such as deleting lists, subscribers, fields, segments, campaigns, templates, and transactional emails without any caution about irreversible effects or the operational consequences of misuse. In an agent skill context, this increases the chance an automated system will execute high-impact state-changing actions without confirmation, backups, or safety checks, leading to accidental data loss or service disruption.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The authentication section instructs use of an API key from an environment variable but does not warn that the key is a sensitive secret that must not be logged, echoed, embedded in prompts, or exposed in error messages. In an agent-integrated environment, this omission can lead to credential leakage through debugging output, transcripts, or unsafe operational practices, enabling unauthorized access to the Pakat account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.