Apolloio

Security checks across malware telemetry and agentic risk

Overview

This Apollo.io skill is coherent but should be reviewed because it can change live CRM data through Membrane without clear confirmation guardrails.

Install only if you trust Membrane and intend to let the agent access Apollo.io. Before any create, update, bulk, proxy, or delete-style action, require the agent to show exactly which records and fields will change and get explicit approval. Use least-privilege Apollo/Membrane access where possible and review how to revoke the connection.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill advertises create and update actions for contacts, accounts, deals, and tasks without warning that these operations will modify live Apollo.io data. In an agent setting, that omission increases the chance of unintended writes or bulk changes because the user may not realize the skill can perform destructive or state-changing actions, especially when similar listings mix read and write capabilities together.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal