Back to skill

Security audit

Tally Prime Skill

Security checks across malware telemetry and agentic risk

Overview

This TallyPrime skill is accounting-focused and not malicious, but it can make persistent live bookkeeping and inventory-master changes that need careful review.

Install only if you are comfortable letting the agent write to a TallyPrime company. Use a backup or test company first, and require the agent to show the exact company, voucher, ledgers, stock items, UOMs, stock groups, godowns, amounts, and GST fields before it posts or creates anything. Approve each master-data creation separately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill documentation instructs the agent to create stock groups, units, stock items, and godowns when missing, which is a state-changing expansion beyond the declared purpose of posting entries and generating PDFs. In an accounting system, automatic master creation can permanently alter inventory configuration and enable unintended or fraudulent postings without explicit user approval.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The instructions authorize modifying Tally master data without warning the user that the operation will create persistent accounting and inventory records. Because these masters affect downstream bookkeeping and tax behavior, silent creation increases the risk of unauthorized changes, data integrity issues, and concealment of erroneous or abusive activity.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.