Edlink

Security checks across malware telemetry and agentic risk

Overview

This Edlink skill is coherent, but it should be reviewed because it can use authenticated access to student data and raw API write/delete requests without built-in confirmation guidance.

Install only if you are comfortable granting Membrane-managed access to the relevant Edlink tenant. Use the narrowest OAuth scopes available, prefer read-only or pre-built Membrane actions, require explicit confirmation before any create/update/delete or raw proxy request, verify the exact institution/course/student records involved, and revoke the connection when it is no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly documents raw proxy access with state-changing methods like POST, PUT, PATCH, and DELETE, but provides no guardrails about confirmation, least privilege, or the risk of modifying student or institutional data. In an education-data integration context, this can lead to unauthorized or accidental writes, deletions, or workflow changes against sensitive remote systems.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal