Pitchly

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Pitchly integration, but it gives an agent broad authenticated ability to change Pitchly data without clear in-skill confirmation guardrails.

Install only if you intend to connect an agent to your Pitchly account. Use the least-privileged Pitchly account available, verify the Membrane CLI source before installing it globally, and require the agent to show the exact action or API request and get your confirmation before any create, update, delete, publish, or workflow-changing operation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill documents direct action execution and raw proxied API requests, including support for POST, PUT, PATCH, and DELETE, without requiring confirmation gates or warning that these operations may modify or delete remote data. In an agent setting, this increases the chance of unintended state-changing operations against a live Pitchly environment, especially when the model infers intent from ambiguous user requests.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal