Maintainx
Security checks across malware telemetry and agentic risk
Overview
This MaintainX skill appears legitimate, but it gives an agent broad authenticated power to change business data without clear approval boundaries.
Install only if you are comfortable letting an agent act through your MaintainX account via Membrane. Use a least-privileged MaintainX account, review or pin the Membrane CLI package if possible, and require explicit confirmation before creating, updating, deleting, purchasing, or changing billing, users, settings, or subscriptions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.