Chatwork

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chatwork integration, but it can send, update, and delete content in a connected Chatwork account.

Install only if you trust Membrane and are comfortable connecting a Chatwork account through it. Use least-privileged Chatwork access where possible, review the Membrane CLI package/version before installing, and require explicit confirmation before sending, updating, deleting, or using raw proxy requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documents destructive capabilities like deleting rooms or messages but provides no requirement for explicit user confirmation, dry-run behavior, or guardrails before execution. In an agentic setting, this increases the risk of accidental or over-broad destructive operations from ambiguous prompts or model mistakes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal