Paymill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate PAYMILL integration, but it gives broad authenticated control over payment-related records without clear safeguards for write or delete actions.

Install only if you trust Membrane and are comfortable granting access to PAYMILL payment data. Require explicit user approval before any refund, subscription change, payment modification, deletion, or other write operation, and prefer listed Membrane actions over raw proxy requests unless the exact endpoint, method, and payload have been reviewed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly documents raw proxy requests with support for POST, PUT, PATCH, and DELETE against a payment-related API, but provides no guardrails about confirmation, least privilege, or destructive consequences. In a financial context, this can enable accidental or overly autonomous modifications such as refunds, subscription changes, or record deletion through generic agent behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal