HR Cloud

Security checks across malware telemetry and agentic risk

Overview

This HR Cloud skill is coherent, but it can read and change sensitive HR records without strong scoping or confirmation guidance.

Install only if you intentionally want an agent to use Membrane with HR Cloud. Use a least-privilege HR Cloud account, confirm every create/update/upsert/delete or raw proxy request before it runs, avoid unnecessary employee or applicant data exports, and know how to revoke the Membrane connection.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The manifest description is broad enough to activate on generic HR-related requests, which can cause the agent to invoke a powerful HR integration in contexts where the user did not clearly intend to access or modify HR Cloud data. Because the skill exposes sensitive employee/applicant records and write actions, over-broad routing increases the chance of unintended data access or record changes.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill advertises employee/applicant create and update operations without clearly warning that these actions can change authoritative HR records. In an agent setting, this increases the risk that the model treats these operations like ordinary retrieval tools and performs destructive or compliance-sensitive changes without sufficient user confirmation.

VirusTotal

64/64 vendors flagged this skill as clean.
