Outreach

Security checks across malware telemetry and agentic risk

Overview

This Outreach skill is coherent, but it gives an agent broad ability to read and change sensitive sales records, including raw API requests, without clear confirmation guardrails.

Review before installing. Use this only with an Outreach account you are authorized to connect through Membrane, prefer read-only list/get actions first, and require explicit approval before create, update, delete, export, bulk, or raw proxy requests. Revoke the Membrane connection when it is no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill explicitly documents a generic proxy mechanism that can issue arbitrary HTTP methods, including POST, PATCH, and DELETE, against the Outreach API without accompanying guardrails about confirmation for destructive operations or least-privilege usage. In a high-value sales system, this can enable unintended record changes, deletions, or bulk data manipulation if an agent uses the proxy for underspecified or ambiguous requests.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal