Copilot Money Mac

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent, local-only helper for reading Copilot Money data, but it exposes sensitive financial records to the agent session.

Install only if you want an agent to inspect your local Copilot Money data. Ask narrow questions, prefer date-limited SELECT queries, avoid full table dumps, and treat anything returned in the chat as sensitive financial information.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill is explicitly designed to access highly sensitive local financial data, including transactions, balances, budgets, investments, and institution details, but it provides no user-facing privacy warning, consent language, or data-minimization guidance. In this context, the omission is dangerous because financial records are especially sensitive and the skill also includes direct filesystem paths and extraction methods for SQLite and Firestore caches, making broad access easier if invoked without clear user awareness.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal