MakeX

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it gives agents broad ability to run real actions in connected services using an organization token, so it needs careful review before installation.

Install only if you trust MakeX, Composio, and the publisher with organization-level integration access. Use the narrowest token and connected accounts available, avoid giving the token to broadly autonomous agents, disable tracing unless needed, and require explicit approval before any action that sends, posts, deletes, or changes data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill documents endpoints that can execute real third-party actions such as sending email or interacting with connected services, but it does not warn users that these are external, state-changing operations. In an agent context, this omission increases the chance that an LLM or operator will treat the endpoints as harmless introspection and trigger unintended actions against live accounts.

VirusTotal

61/61 vendors flagged this skill as clean.
