Kintone

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Kintone integration, but it can change or delete live business records through broad Membrane/Kintone access without explicit safety checks.

Install only if you trust Membrane and intend to let an agent operate on Kintone through your account. Use least-privileged Kintone access, verify tenant/app/record targets before mutations, and require explicit confirmation for deletes, bulk updates, raw proxy requests, or user/group/organization changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill prominently lists destructive operations like deleting records, cursors, and comments without any guardrails, confirmation requirements, or warnings about irreversible data loss. In an agent setting, this increases the risk that a model may execute destructive actions on ambiguous or insufficiently confirmed user requests, especially because the skill also provides direct command patterns for action execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal