Harvest

Security checks across malware telemetry and agentic risk

Overview

This Harvest integration is mostly coherent, but it gives an agent broad ability to create, update, and potentially delete live business records without clear confirmation guidance.

Install only if you trust Membrane and want an agent connected to your Harvest workspace. Before using it, require explicit approval for any create, update, delete, or raw proxy request, and consider pinning or verifying the Membrane CLI package instead of installing @latest globally.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill prominently documents create and update actions for users, clients, tasks, projects, and time entries, but it does not instruct the agent to obtain explicit confirmation before performing mutating operations. In an autonomous or loosely supervised agent environment, this can lead to unintended writes, data corruption, or business-impacting changes in Harvest records.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal