Tookan

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tookan integration skill, but it can affect live business data through Membrane and should be used deliberately.

Install only if you trust Membrane and intend to connect it to the selected Tookan account. Prefer read-only discovery first, require explicit confirmation before creating, updating, deleting, dispatching, billing-related, or bulk-changing records, and revoke the Membrane/Tookan connection when it is no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation condition is very broad: 'Use when the user wants to interact with Tookan data' does not constrain read-only vs destructive operations, data sensitivity, or required confirmation boundaries. In a skill that can manage records and automate workflows against a live third-party system, vague triggering increases the chance the agent invokes the skill in contexts involving sensitive, high-impact, or unintended operations.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill description and guidance do not include a user-facing warning that the integration may expose sensitive operational data or perform destructive changes such as modifying tasks, teams, orders, or automations. Without an upfront warning, users and downstream agents may treat the skill as low risk and proceed without appropriate review or confirmation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal