Hostaway

Security checks across malware telemetry and agentic risk

Overview

This is a real Hostaway/Membrane integration, but it gives an agent broad authenticated power to change Hostaway business data without clear confirmation guardrails.

Install only if you are comfortable granting an agent delegated Hostaway access through Membrane. Use the least-privileged Hostaway account available, prefer listed Membrane actions over raw proxy requests, and require explicit confirmation before creating, updating, deleting, charging, messaging, or otherwise changing Hostaway records. Consider pinning or reviewing the Membrane CLI version instead of relying on @latest, and revoke the Membrane/Hostaway connection when no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly documents raw proxy requests with mutating methods like POST, PUT, PATCH, and DELETE, but does not instruct the agent to confirm destructive actions with the user or warn about side effects. In a production integration touching reservations, listings, messages, and tasks, this can enable unintended state changes or destructive operations if the agent acts on ambiguous prompts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal