ClawHub

Dialpad

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Dialpad integration, but it gives an agent broad authenticated access to business communications and admin data without clear consent boundaries.

Install only if you intend to let an agent operate against your Dialpad account. Use the least-privileged Dialpad/Membrane connection available, require explicit approval before create/update/delete or webhook-related actions, and avoid raw proxy requests unless you have reviewed the exact endpoint, method, and data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The manifest describes a narrower scope than the body of the skill actually provides. That mismatch can mislead an agent or user into granting trust for routine user/group management while the skill also enables access to calls, contacts, webhooks, and raw API operations, increasing the chance of unintended data access or actions.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The generic authenticated proxy permits arbitrary requests to the Dialpad API using the user's established connection, bypassing the narrower action catalog and any implied scope limitations. This materially expands what the skill can do, including potentially sensitive reads and destructive writes, and makes misuse harder to reason about or constrain.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill advertises write-capable actions such as creating and updating users, contacts, and call centers without warning that these operations modify live Dialpad data. In an agent setting, lack of explicit warning or confirmation increases the risk of unintended state changes, account misconfiguration, or data integrity issues.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The proxy request section explicitly supports POST, PUT, PATCH, and DELETE but provides no warning, guardrails, or confirmation expectations for destructive use. In practice, this enables broad mutation of Dialpad resources through raw authenticated requests, which is more dangerous than curated actions because validation and semantic safety checks are reduced.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal