Baselinker
Security checks across malware telemetry and agentic risk
Overview
This BaseLinker skill is coherent but should be reviewed because it can modify live store products, stock, and orders through persistent delegated access without explicit built-in confirmation safeguards.
Install only if you trust Membrane and need agent access to your BaseLinker account. Use the least-privileged or test account available, require explicit confirmation before any add, update, order-status, stock, or raw proxy request, and revoke the Membrane/BaseLinker connection when no longer needed.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.