Security audit

Airtable Automation

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward Airtable automation helper, but it can change or delete live Airtable records if the connected account permits it.

Install only if you intend to let an agent operate on Airtable through Rube. Connect an Airtable account with the least permissions needed, and require confirmation before create, update, or delete actions, especially bulk deletes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly includes delete operations (`AIRTABLE_DELETE_RECORD` / `AIRTABLE_DELETE_MULTIPLE_RECORDS`) as part of the standard workflow but provides no guidance to require user confirmation, preview affected records, or verify scope before destructive actions. In an automation skill for a live Airtable environment, this omission can lead to accidental or overly broad data deletion, especially if an agent follows the documented sequence directly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal