Thena
Security checks across malware telemetry and agentic risk
Overview
This Thena integration appears legitimate, but it gives an agent broad authenticated account access through Membrane and should be reviewed before installation.
Install only if you trust Membrane and the connected Thena account scope. Prefer least-privileged Thena access, confirm any create/update/delete operation before it runs, prefer discovered Membrane actions over raw proxy calls, and revoke the connection when the skill is no longer needed.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.