Hasura

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Hasura integration, but it gives an agent broad database administration power without clear approval guardrails for destructive actions.

Install only if you intend to let an agent administer Hasura through Membrane. Use a least-privilege Hasura/Membrane connection, prefer read-only or staging access for routine work, and require explicit approval before raw SQL, GraphQL mutations, delete/drop/untrack actions, metadata reloads, trigger changes, endpoint changes, or proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill enumerates clearly destructive Hasura actions such as dropping relationships, deleting triggers, untracking tables, and executing raw SQL without any explicit warning, confirmation requirement, or recommendation to verify user intent first. In an agent setting, this increases the chance that an LLM could select and invoke a destructive action from ambiguous instructions, causing data loss, schema damage, or service disruption.

VirusTotal

65/65 vendors flagged this skill as clean.
