Docebo

Security checks across malware telemetry and agentic risk

Overview

This Docebo skill appears legitimate, but it needs review because it can run broad Docebo actions through Membrane without clear safety limits for changes.

Install only if you trust Membrane with your Docebo connection. Use a least-privileged Docebo account, prefer predefined Membrane actions, and require explicit confirmation before any action that changes users, enrollments, policies, API keys, reports, exports, commerce records, or other sensitive data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: The skill advertises managing data, records, and workflows across a large set of Docebo resources without clearly warning that actions may modify remote systems. In an agent setting, this can lead users or orchestration layers to invoke potentially state-changing operations without adequate confirmation, increasing the chance of unintended record changes or workflow execution.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The proxy request section enables arbitrary API calls, including POST, PUT, PATCH, and DELETE, while describing automatic authentication/header injection but not warning about destructive effects or data exfiltration to an external service. This increases the chance an agent will issue unsafe direct requests, bypassing safer pre-built actions and causing unintended remote changes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal