Google Merchant Center

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Google Merchant Center integration, but it can change or delete business listing data and also exposes raw API requests without clear confirmation safeguards.

Install only if you trust Membrane with delegated access to your Google Merchant Center account. Prefer read/list actions first, explicitly confirm any create, update, delete, or proxy request, review OAuth scopes, and revoke the Membrane connection when you no longer need it.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 87% confidence
Finding: The skill explicitly documents a generic proxy mechanism that can send arbitrary requests to the connected Google Merchant Center API, which materially broadens capability beyond the enumerated actions. While this may be intended as flexibility for legitimate integrations, it weakens scope control and can enable unreviewed reads, writes, or destructive operations if an agent uses raw requests without strong policy constraints.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill advertises destructive delete operations but provides no warning, confirmation, or safety guidance before performing irreversible actions on products, datafeeds, or collections. In an agentic context, this increases the risk of accidental or unauthorized destructive changes, especially if the model interprets ambiguous user requests too aggressively.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal