Codescene

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent CodeScene integration, but it gives an agent broad authenticated management authority, including delete actions, without clear safety controls.

Install only if you are comfortable granting Membrane delegated access to CodeScene. Use a least-privileged CodeScene account where possible, inspect target project or team IDs before any write, require a fresh explicit confirmation before delete or update actions, and reserve raw proxy requests for carefully reviewed cases.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill advertises destructive capabilities like deleting projects and teams without pairing them with warnings, confirmation requirements, or safety guidance. In an agent setting, this increases the chance that an LLM or user triggers irreversible operations without understanding consequences, especially because the skill also promotes direct action execution via CLI.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal