Coperniq

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Coperniq integration that can modify business records through Membrane, but the artifacts do not show hidden, deceptive, or destructive behavior outside that purpose.

Install only if you trust Membrane and intend to connect Coperniq. Use a least-privileged Coperniq account when possible, review the OAuth connection prompts, require explicit confirmation before any create/update/delete or proxy request, and revoke the Membrane connection when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The manifest says the skill manages Coperniq Organizations, Pipelines, Users, and Filters, but the documented actions target unrelated entities like clients, projects, requests, contacts, and work orders. This mismatch can cause the wrong skill to be invoked and mislead an agent into performing actions on a different integration than the user intended, increasing the risk of unintended data access or modification.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The action catalog appears to belong to a different business domain than the stated Coperniq integration, which indicates documentation drift or a copied skill template. In an agent setting, inaccurate capability descriptions are security-relevant because they can route requests to inappropriate tools and lead to unauthorized or destructive operations against the wrong connected service.

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The overview lists Dataset, Column, Model, Job, Organization, User, and Workspace, but the supported actions operate on an entirely different entity set. Contradictory resource models make it difficult for an agent or reviewer to understand what the skill can really do, which raises the chance of misuse, overbroad invocation, and accidental operations on unexpected records.

Vague Triggers

Medium
Confidence: 87%
Finding
The description 'Use when the user wants to interact with Coperniq data' is broad and can match many generic requests. In a tool-selection pipeline, overly broad invocation criteria increase the likelihood that this skill is chosen when the user's intent is ambiguous, which becomes more dangerous here because the skill exposes create, update, delete, proxy-request, and connection-establishment capabilities.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documents destructive and mutating actions, including delete and update operations, without warning that these can irreversibly change external data. In an agent context, absence of clear confirmation requirements and risk notices can lead to silent or accidental destructive actions, especially when combined with broad invocation guidance.

VirusTotal

44/44 vendors flagged this skill as clean.
