Interswitch Group

Security checks across malware telemetry and agentic risk

Overview

This payment-integration skill is coherent, but it gives an agent broad authenticated access to a financial API, including raw write and delete requests, without clear user-confirmation guardrails.

Review before installing on any production Interswitch account. Prefer prebuilt Membrane actions and read-only discovery first, and require explicit user approval before any POST, PUT, PATCH, DELETE, payment, refund, transfer, or record-changing request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill documents direct proxy requests to the remote API without warning that such requests may create, modify, or delete production payment-related data. In a financial integration context, omission of a confirmation or cautionary warning increases the risk that an agent or user will perform destructive or irreversible actions through raw API calls.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal