Panzura

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Panzura integration, but it gives an agent broad credentialed access to enterprise storage and admin APIs without clear safeguards for state-changing actions.

Review carefully before using this in a production Panzura environment. Use a least-privilege connection, confirm any operation that changes files, users, permissions, policies, settings, firmware, support access, or retention state, and consider pinning or independently reviewing the Membrane CLI before global installation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly documents a generic proxy mechanism that supports state-changing HTTP methods against the Panzura API without any accompanying warning, confirmation guidance, or guardrails for destructive operations. In an agent context, this increases the chance of unintended modification, deletion, or administrative changes being executed directly against enterprise storage infrastructure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal