8X8

Security checks across malware telemetry and agentic risk

Overview

This is a real 8x8 integration, but it gives an agent broad access to SMS, call, billing, settings, and raw API operations without enough scoping or confirmation guidance.

Install only if you intend to let an agent work inside your 8x8 tenant. Use the lowest-privilege Membrane/8x8 connection available, prefer listed Membrane actions over raw proxy requests, and require explicit confirmation before sending SMS, exporting logs, accessing recordings or billing, changing settings, or making non-read API calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The manifest description materially understates the skill's effective capabilities. While it claims to manage CRM-style entities, the body documents access to telephony, SMS, billing, settings, and arbitrary API proxying, which can cause an orchestrating agent or user to invoke a much broader and more sensitive integration than expected.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly documents arbitrary proxied requests with selectable methods, headers, query parameters, and bodies, effectively enabling broad read/write access to the connected 8x8 tenant. Without explicit safety guidance or confirmation requirements, an agent could mutate configuration, send messages, export logs, or access sensitive data through raw API calls beyond the safer prebuilt actions.

VirusTotal

65/65 vendors flagged this skill as clean.
