Confluent

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Confluent management skill that uses Membrane for authentication and API access, with powerful admin actions users should control carefully.

Install only if you trust Membrane and need an agent to manage Confluent resources. Use least-privilege Confluent access, review Membrane's data handling, prefer read-only actions unless a change is explicitly requested, and require clear confirmation before deleting topics or ACLs, changing topic configuration or partition counts, producing records, or using raw proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill documents destructive operations such as deleting topics and ACLs and changing topic configuration/partition counts without any warning, confirmation requirement, or discussion of irreversible impact. In an agent setting, this increases the chance that a model may execute harmful infrastructure changes from ambiguous prompts or without obtaining explicit approval, leading to outage, data loss, or access disruption.

VirusTotal

65/65 vendors flagged this skill as clean.
