Moskit

Security checks across malware telemetry and agentic risk

Overview

This Moskit skill is a real Membrane integration, but it gives an agent broad authenticated ability to change CRM data through raw API requests without enough confirmation guidance.

Install only if you are comfortable letting an agent operate an authenticated Membrane connection to Moskit. Use least-privileged access, prefer discovered Membrane actions over raw proxy requests, and require explicit approval before POST, PUT, PATCH, DELETE, file, user, or bulk CRM operations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 80% confidence
Finding: The activation description is overly broad, which can cause the skill to be invoked for generic CRM or data-management requests beyond the user’s clear intent. In an agentic environment, over-triggering a network-capable skill increases the chance of unnecessary data access or unintended actions against a connected tenant.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill exposes a generic proxy request mechanism that can send arbitrary authenticated API calls, including state-changing methods, without any accompanying warning to require explicit user confirmation for writes. In context, this effectively gives the agent a powerful low-level escape hatch that can modify or delete remote CRM data if misused or triggered by ambiguous instructions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal