Dynamics Crm

Security checks across malware telemetry and agentic risk

Overview

This Dynamics CRM skill is coherent, but it needs review because it can make authenticated write and delete requests to live CRM data without explicit safety confirmations.

Install only if you are comfortable letting Membrane-connected agent workflows access your Dynamics 365 environment. Use least-privilege Dynamics permissions, prefer built-in Membrane actions and read-only queries, and require explicit confirmation before any POST, PUT, PATCH, DELETE, bulk update, workflow change, or record deletion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly instructs the agent to use a generic proxy request capability supporting POST, PUT, PATCH, and DELETE against Dynamics 365 endpoints, but it does not warn that these operations can create, alter, or delete production CRM records. In an agent setting, that omission increases the chance of unsafe execution of destructive actions without user confirmation, especially because the surrounding guidance encourages direct use when built-in actions do not fit.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal