Blink

Security checks across malware telemetry and agentic risk

Overview

This Blink connector appears functional, but it should be reviewed because it mixes Blink service identities while enabling broad authenticated actions against organization data.

Review before installing. Confirm that this targets the intended Blink service and account, install the Membrane CLI only from a trusted environment, and require explicit approval before any delete, update, send, archive, or raw proxy request is run.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 89% confidence
Finding: The skill documentation presents inconsistent scope: the manifest says it manages Blink data generally, while the body mixes unrelated resource categories and also permits arbitrary proxy access to the Blink API. This can cause an agent to over-trust the skill and invoke broader operations than the user intended, increasing the chance of unauthorized or unsafe actions against connected Blink data.

Intent-Code Divergence

Medium

Confidence: 86% confidence
Finding: The Blink overview lists resources such as Contact, Call, and Message, but the later action set focuses on linked accounts, forms, users, and feed events. This contradiction can mislead an agent about available data types and permissible operations, which is dangerous in an automation context because the agent may choose incorrect or overly broad actions.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The invocation description is very broad ('Manage data, records, and automate workflows'), so the skill may be selected for generic enterprise tasks far outside a narrowly intended Blink workflow. Over-broad routing increases the chance of unnecessary external access, unintended data manipulation, or use of high-privilege integrations when a narrower tool would suffice.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill advertises destructive operations such as deleting linked accounts and archiving feed events without requiring confirmation, warning, or discussing blast radius. In an agentic environment, that omission can lead to accidental irreversible changes to user or organizational data when a model executes an action based on ambiguous user intent.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal