Anodot

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Anodot integration, but it gives an agent broad authenticated API authority, including raw write-capable requests, without clear confirmation or scoping safeguards.

Install only if you intend to let an agent operate Anodot through Membrane. Use a least-privileged Anodot account, review requested actions carefully, and require explicit confirmation before creating, updating, deleting, automating, or proxying sensitive data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description is overly broad ('Manage data, records, and automate workflows'), which can cause the agent to invoke this network-capable integration for generic user requests that were not clearly about Anodot. In context, this matters because the skill can initiate authenticated external actions and proxy API requests, increasing the risk of unintended data access or transmission from ambiguous prompts.

Missing User Warnings

Medium
Confidence: 92%
Finding
The proxy-request section explicitly enables direct API calls to Anodot through Membrane, but it does not instruct the agent to warn the user that data will be transmitted to an external service or to confirm before sending sensitive content. Because this skill has network access and authenticated connections, ambiguous or sensitive user data could be forwarded off-platform without sufficiently explicit consent.

VirusTotal

64/64 vendors flagged this skill as clean.
