Deputy

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Deputy integration, but it gives an agent broad ability to change workforce and payroll-adjacent records without clear approval safeguards.

Install only if you intend to let an agent access your Deputy workspace through Membrane. Use least-privilege Deputy permissions, require preview and explicit confirmation before any write, and verify employee identity, dates, locations, pay-related fields, billing/admin targets, and the exact action before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The skill description is very broad and can cause the agent to invoke this skill for many ordinary Deputy-related requests without clearly distinguishing read-only tasks from sensitive write operations. In a workforce-management context, overbroad routing increases the chance of accidental employee, schedule, leave, or timesheet changes affecting real business records.

Missing User Warnings

Medium
Confidence: 89%
Finding
The documentation advertises actions that modify employees, timesheets, leave requests, and shifts but does not warn that these operations change authoritative workforce and payroll-related records. Without clear safety guidance, an agent may treat these actions as routine and perform impactful mutations without sufficient confirmation, validation, or awareness of downstream business consequences.

VirusTotal

65/65 vendors flagged this skill as clean.
