Intercom

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Intercom integration, but it gives an agent broad authenticated power over customer-support data without enough built-in scoping or confirmation guidance.

Install only if you trust Membrane and need an agent to work with Intercom. Use the least-privileged Intercom account or connection available, confirm every delete, bulk, export, messaging, publish, admin, or account-changing action before it runs, and verify how to audit and revoke the Membrane connection afterward.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill enumerates many destructive and state-changing operations such as delete, archive, merge, assign, publish, and reset-password style actions without warning that these can modify production customer-support data. In an agent setting, this increases the chance that routine requests are translated into impactful actions without adequate user confirmation or safety gating.

Missing User Warnings

Medium
Confidence: 94%
Finding
The proxy request feature enables arbitrary direct API calls through an authenticated connection, which can bypass the safety affordances of curated actions and reach sensitive or destructive endpoints. Without user-facing warnings, method/path allowlisting, or confirmation requirements, an agent could send, modify, export, or delete Intercom data with little friction.

VirusTotal

65/65 vendors flagged this skill as clean.
