ClawHub

Paypal

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate PayPal/Membrane integration, but it gives an agent broad authenticated PayPal powers without enough built-in confirmation guidance for money-moving or destructive actions.

Install only if you intend to delegate PayPal access through Membrane. Use a sandbox or least-privilege PayPal account where possible, verify the Membrane CLI package and version, review requested PayPal scopes, and require a separate confirmation step before any payout, refund, capture, invoice send/delete, subscription change, or other state-changing request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill advertises high-impact financial and destructive operations such as payouts, refunds, cancellations, deletions, and payment capture without any warning, confirmation requirement, or safety boundary. In a financial integration context, this increases the risk that an agent could execute irreversible or costly actions from ambiguous prompts or without sufficiently explicit user authorization.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The proxy-request feature allows arbitrary authenticated requests to PayPal APIs, effectively bypassing the safer constraints of curated actions. Without warnings or restrictions, an agent could invoke sensitive endpoints, mutate financial state, or access data beyond the intended task, especially because authentication is injected automatically.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal