Redis Labs

Security checks across malware telemetry and agentic risk

Overview

This Redis Labs skill is coherent, but it gives an agent broad authenticated access to make Redis API requests, including changes and deletes, without clear confirmation guardrails.

Install only if you trust Membrane and want an agent to manage Redis Labs resources. Use a low-privilege Redis/Membrane connection, prefer discovered actions over raw proxy calls, and require explicit approval before any create, update, or delete request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill exposes a generic authenticated proxy that can send arbitrary HTTP methods and paths through an authorized Redis Labs connection. That exceeds a narrow, least-privilege skill design and can be abused to access undocumented endpoints, perform destructive mutations, or exfiltrate sensitive data using the user's authenticated session.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation describes direct API requests with mutating HTTP methods but does not warn that these operations can alter or delete data. In an agent setting, omission of mutation warnings increases the chance of unintended destructive actions because the model may treat all listed methods as equally routine.

VirusTotal

65/65 vendors flagged this skill as clean.
