10To8

Security checks across malware telemetry and agentic risk

Overview

This 10to8 integration is legitimate-looking, but it can change or cancel real bookings and make raw authenticated API requests without clear confirmation guardrails.

Install only if you are comfortable granting Membrane and the agent access to the intended 10to8 account. Before any create, update, cancel, payment-related, or proxy API write operation, require the agent to show the affected booking or record and get explicit approval. Prefer built-in Membrane actions over raw proxy calls, avoid unnecessary bulk customer data retrieval, consider pinning or verifying the CLI package version, and revoke the connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 82%
Finding
The skill advertises update and cancel booking capabilities without any warning that these are state-changing operations affecting real user data. In an agent setting, lack of an explicit confirm-before-change requirement can lead to unintended modifications or cancellations of appointments, causing operational disruption and privacy-impacting mistakes.

Missing User Warnings

Medium
Confidence: 88%
Finding
The direct proxy feature allows arbitrary API requests and may expose sensitive booking, customer, staff, or communication data if used without guardrails. Although Membrane handles authentication, the documentation omits warnings about least-privilege use, sensitive data handling, and the need to avoid broad or unnecessary data retrieval and transmission.

VirusTotal

65/65 vendors flagged this skill as clean.
