LinkedIn Ads

Security checks across malware telemetry and agentic risk

Overview

This is a coherent LinkedIn Ads integration, but it can make business-impacting ad changes and should be used with explicit confirmation for mutations.

Install only if you trust Membrane and are comfortable delegating LinkedIn Ads access through its CLI. Use a least-privileged account where possible, verify the target ad account and object IDs, and require a preview plus explicit approval before creating, updating, deleting, publishing, or changing campaigns, creatives, accounts, budgets, or proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 85%
Finding
The skill exposes a generic authenticated proxy mechanism for direct API requests, which expands capability beyond the listed curated actions and reduces guardrails. This can enable unintended or overly broad operations against the connected LinkedIn Ads account if an agent uses arbitrary paths or methods without strict validation or approval.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill advertises destructive actions such as deleting campaign groups, campaigns, and creatives but provides no instruction to obtain confirmation before executing them. In an agent setting, this increases the risk of accidental destructive changes to production advertising assets and spend configuration.

VirusTotal

63/63 vendors flagged this skill as clean.
