Maverick Pipedrive Mcp

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Pipedrive CRM connector that uses OAuth credentials to read and modify CRM records through a local MCP server.

Install only for a Pipedrive account you intend the agent to help manage. Review and confirm any write action before it runs, use least-privilege OAuth scopes where possible, rotate the refresh token and client secret if exposed, and pin mcporter in stricter supply-chain environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 93%
Finding
The description understates the skill's behavior by saying it can search, read, and update CRM data, while the documented behavior also includes creating records, adding notes, enumerating metadata, and seeding/storing OAuth tokens and client credentials in a local vault. This mismatch can cause users or orchestrators to invoke the skill with a lower trust threshold than warranted, increasing the chance of unintended state changes or sensitive credential handling.

Credential Access

High
Category: Privilege Escalation
Content
- `MAVERICK_PIPEDRIVE_MCP_EXPIRES_IN`
- `MAVERICK_PIPEDRIVE_MCP_REFRESH_TOKEN_EXPIRES_AT`

mcporter refreshes expired Pipedrive access tokens through Pipedrive's token endpoint before spawning the stdio server, then injects the token into `MAVERICK_PIPEDRIVE_MCP_ACCESS_TOKEN`. If calls keep returning auth errors after retry, the OAuth grant has likely been revoked or expired; reconnect the integration.

## Data flow
Confidence: 88%
Finding
access tokens

VirusTotal

VirusTotal findings are pending for this skill version.
