Pipedrive
Security checks across malware telemetry and agentic risk
Overview
This Pipedrive skill is a coherent CRM integration, but it gives an agent broad ability to change live business records without explicit confirmation guardrails.
Install only if you trust Membrane with access to your Pipedrive workspace. Use the least-privileged Pipedrive account practical, review requested permissions during connection, and require the agent to show exact records, fields, endpoint, method, and payload before any create, update, or delete operation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.