Bexio

Security checks across malware telemetry and agentic risk

Overview

This Bexio skill is a coherent integration, but it gives agents broad live business-data access and write capability with weak upfront scoping and confirmation guidance.

Install only if you intend to let Membrane access your Bexio account. Prefer read/list actions, require the agent to show exact record IDs and field values before any create, update, delete, or proxy request, and revoke the Membrane/Bexio connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill description presents a limited management scope, but later exposes a generic authenticated proxy mechanism that can send arbitrary requests to the Bexio API. This creates capability under-declaration: an agent or reviewer may assume the skill is constrained to listed actions when it can actually reach far broader authenticated endpoints, increasing the risk of unauthorized data access or destructive operations.

VirusTotal

63/63 vendors flagged this skill as clean.