Charthop

Security checks across malware telemetry and agentic risk

Overview

This ChartHop skill is a plausible integration, but it gives an agent broad authenticated access to sensitive HR data and write/delete API operations without clear guardrails.

Install only if you intend to let an agent work with ChartHop through Membrane. Use a least-privilege or dedicated ChartHop account where possible, verify the Membrane CLI package/version, and require explicit approval before any write, update, delete, bulk, or compensation-related action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly instructs the agent to use direct proxy requests to the ChartHop API, including support for POST, PUT, PATCH, and DELETE, without requiring confirmation, scoping guidance, or warning that these operations may modify or expose sensitive HR data. In the ChartHop context, this is risky because the platform commonly contains employee, compensation, and organizational information, so unsafe direct requests can lead to unauthorized disclosure or destructive changes.

VirusTotal

65/65 vendors flagged this skill as clean.
