Heyzine

Security checks across malware telemetry and agentic risk

Overview

This Heyzine skill appears coherent and disclosed, though it can act on a connected Heyzine account through Membrane.

Install this only if you want an agent to work with your Heyzine account through Membrane. Before approving actions, check whether they read data or create, update, delete, or proxy requests against flipbooks, branding, account settings, or public content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill description is overly broad ('Manage data, records, and automate workflows'), which can cause an agent to invoke this Heyzine-specific skill for generic data-management tasks unrelated to Heyzine. In an agentic system, this increases the chance of unintended external actions, data access, or cross-application confusion, especially when networked tools are available by default.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal