Security audit
Api Cost Tracker
Security checks across malware telemetry and agentic risk
Overview
This is a local API spending analyzer that may handle sensitive billing exports, but the reviewed artifacts do not show hidden data access, network calls, persistence, or account changes.
Install only if you are comfortable running a local script over API usage or billing exports. Prefer explicit local export files, keep those files out of shared folders, and review generated reports before sharing because they may reveal spending patterns and model usage. Do not rely on the documented API-key auto mode; it does not appear implemented in the bundled script.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.