Security audit

Vitamin

Security checks across malware telemetry and agentic risk

Overview

This is an offline vitamin-tracking CLI that stores user-entered wellness notes locally, with privacy and quality caveats but no evidence of deception, exfiltration, or destructive behavior.

Install only if you are comfortable with supplement and wellness history being stored as plaintext under `~/.local/share/vitamin/`. Avoid highly sensitive medical details, review or delete that folder when finished, and do not rely on `vitamin export <fmt>` until the duplicate export command bug is fixed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (6)

Description-Behavior Mismatch

High

Confidence: 98% confidence
Finding: The case statement defines `export)` twice; in shell case dispatch, only the first matching branch runs, so the later `_export` implementation is unreachable. Users expecting a structured export of supplement history instead have arbitrary input appended to `export.log`, which is misleading and can cause sensitive health data to be mishandled, omitted from expected exports, or retained unexpectedly.

Intent-Code Divergence

High

Confidence: 96% confidence
Finding: The help text advertises `export <fmt>` support, but due to the duplicate `export)` case branch the advertised feature is not what actually executes. In a health-tracking context, misleading users about where their data goes or whether it is being exported can lead to unintended retention and disclosure of sensitive supplement/health records.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill handles health-related supplement intake data and activity history, yet the documentation does not prominently warn users that sensitive wellness information is stored on disk with ongoing logs. On shared machines, backed-up home directories, or compromised endpoints, these local files could expose private health habits and timelines to unauthorized parties.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script immediately creates a persistent data directory and writes user-supplied health-related inputs to local logs without any notice, consent prompt, or retention guidance. Because vitamin/supplement usage can reveal medical conditions or other sensitive personal information, silent persistence increases privacy and local disclosure risk, especially on shared systems or backed-up home directories.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The `_export` function aggregates all logged health history into a single export file without any privacy warning, access control hardening, or confirmation step. Consolidating sensitive entries into one file makes accidental sharing, exfiltration, or exposure through backups and sync tools easier than exposure of scattered per-category logs.

Ssd 3

Medium

Confidence: 97% confidence
Finding: The tool persistently stores and re-displays raw user inputs across history, search, recent, status, and export features with no minimization, redaction, retention limit, or masking. In the context of a vitamin/supplement tracker, those inputs can include medically sensitive information, and broad redisplay materially increases the chance of shoulder-surfing, shared-terminal exposure, or unintended local disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal