Showpad

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Showpad integration, but it gives broad authenticated Showpad API access without clear safeguards for write or delete actions.

Install only if you are comfortable letting Membrane and the agent access your Showpad tenant. Use a least-privileged Showpad account, avoid raw proxy requests unless necessary, and require explicit confirmation before any POST, PUT, PATCH, or DELETE operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 87%
Finding:
The manifest and description say the skill is for managing Organizations, but the body documents much broader Showpad access including files, folders, shares, users, and tags. This scope mismatch can cause an agent or user to invoke the skill under narrower assumptions while actually granting or using broader capabilities than expected.

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding:
The skill explicitly permits arbitrary proxy requests to the Showpad API, including mutating HTTP methods, which exceeds the stated organization-management purpose. This creates a generic API execution surface that could be used to access or modify unrelated Showpad resources with the connection's full privileges.

Vague Triggers

Severity: Medium
Confidence: 78%
Finding:
The invocation description is broad enough that the skill may activate for vague Showpad-related requests, even when the user did not intend organization management specifically. Over-broad triggering increases the chance of the agent selecting a powerful integration unnecessarily and exposing or modifying external data.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The documentation describes direct API requests with GET, POST, PUT, PATCH, and DELETE but provides no warning or guardrail around user impact, destructive actions, or confirmation requirements. In an agent setting, this can normalize unsafe autonomous mutations against live Showpad data.

VirusTotal

65/65 vendors flagged this skill as clean.