Moltin

Security checks across malware telemetry and agentic risk

Overview

This Moltin ecommerce skill appears coherent, but it gives broad live-store API mutation authority without clear confirmation or scoping safeguards.

Install only if you intend to let the agent operate on a Moltin/Elastic Path commerce tenant. Before use, require explicit approval for any create, update, patch, or delete request, prefer scoped Membrane actions over raw proxy calls, and test against a non-production store first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description is broad enough to match generic 'manage data, records, and automate workflows' requests, which can cause the agent to invoke this integration outside clearly ecommerce-specific Moltin tasks. In a skill that can read, modify, or delete external business data, over-broad routing increases the chance of unintended actions against a live tenant.

Missing User Warnings

Medium
Confidence: 84%
Finding
The proxy request section documents arbitrary direct API access, including POST, PUT, PATCH, and DELETE, but does not warn that these requests may modify or permanently delete Moltin data. Without a caution or confirmation requirement, an agent may use raw requests for convenience and perform high-impact state changes without sufficient user awareness.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.
