Teamwork

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Teamwork integration, but it grants broad authority to read, change, and delete Teamwork data without clear confirmation guardrails.

Install only if you trust Membrane and want an agent to work with your Teamwork account. Use a least-privileged Teamwork account where possible, require explicit confirmation before create, update, complete, delete, or raw proxy requests, and revoke the Membrane connection when it is no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description is broad enough to trigger on many ordinary requests involving Teamwork data, increasing the chance the agent invokes this capability without clear user intent or sufficient scoping. Because the skill can manage organizations and users and later exposes destructive operations, overbroad routing raises the risk of unintended access, modification, or deletion actions.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill advertises destructive actions like task deletion and completion without any warning, approval checkpoint, or confirmation guidance. In an agent setting, this can lead to irreversible or hard-to-recover state changes from ambiguous prompts, mistaken tool selection, or prompt injection affecting operational decisions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal