Amazon Eks

Security checks across malware telemetry and agentic risk

Overview

This Amazon EKS skill appears purpose-aligned, but it gives an agent broad authenticated power to change cloud infrastructure without clear confirmation limits.

Install only if you trust Membrane and intend to let an agent work with Amazon EKS. Use a least-privileged AWS role, verify each discovered action before running it, and require explicit human approval for any create, update, delete, or raw proxy request that could change infrastructure.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The invocation guidance is overly broad: 'Use when the user wants to interact with Amazon EKS data' can route many ambiguous AWS/Kubernetes requests into a powerful skill without clarifying scope or safety boundaries. In an agent setting, broad triggers increase the chance of unnecessary use of a capability that can enumerate, modify, or delete EKS resources.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly documents direct proxy requests with mutating HTTP methods like POST, PUT, PATCH, and DELETE but provides no guardrails, confirmation requirements, or warnings about infrastructure impact. Because this is an EKS integration, such requests could alter cluster configuration, addons, node groups, or access-related settings, leading to service disruption or destructive changes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal