
Security audit

支付宝账单汇总 (Alipay Bill Summary)

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Alipay bill-summary helper, but it handles sensitive financial data and creates recurring reports that users should enable deliberately.

Install only if you want automated Alipay financial summaries, trust the separate Alipay data-access skill, and understand where reports will be delivered. Choose only the periods you need, keep reports private, and make sure you know how to remove the cron jobs if you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers (Medium, 88% confidence)

Finding: The trigger list contains broad phrases like '消费分析' and '账单报告' that can match ordinary user requests and unintentionally invoke a skill that accesses highly sensitive financial information. In the context of Alipay billing data, over-broad activation increases the chance of unintended scheduling or data retrieval beyond what the user explicitly intended.

Missing User Warnings (Medium, 96% confidence)

Finding: The skill sets up recurring billing summaries over sensitive financial data but does not prominently warn users that this creates ongoing automated access and repeated report generation. Because the reports include detailed spending categories, payment methods, and large expenses, insufficient disclosure can lead to privacy harm, unexpected retention, and repeated exposure of financial data.

VirusTotal

66/66 vendors flagged this skill as clean.
