ClawHub

Placetel

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Placetel/Membrane integration, but it grants broad authenticated API access that is wider and less guarded than the stated organization-management purpose.

Install only if you are comfortable giving the agent broad Placetel access through Membrane. Use a least-privileged Placetel/Membrane account, prefer prebuilt actions, and require explicit confirmation before create, update, delete, billing, export, permission, backup, restore, or raw proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill metadata says it is for managing Organizations, but the body documents a much broader and partly unrelated administrative surface, including calls, users, billing, files, exports, backups, permissions, and other resources. This scope mismatch can mislead an agent or reviewer into granting broader operational authority than expected, increasing the chance of unintended high-privilege actions or data access.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The generic proxy facility allows arbitrary API requests through an authenticated Membrane connection, bypassing the narrower 'manage Organizations' framing and any safety benefit of curated actions. In practice, this can enable unrestricted reads, writes, deletions, exports, or configuration changes across the connected Placetel tenant if the connection has sufficient privileges.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The proxy-request guidance encourages direct API use without any warning that requests and responses may contain sensitive business, employee, customer, call, billing, or other regulated data. That omission increases the risk of over-collection, accidental transmission of sensitive fields, or unsafe handling of high-risk endpoints by downstream agents.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal