Back to skill

Security audit

Just Fucking Cancel

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed subscription-audit helper, with sensitive optional Plaid access that users should enable only intentionally.

Install this only if you want subscription analysis of your financial transactions. Prefer CSV mode if you want local processing. If you enable Plaid, understand that transaction data may go to Plaid and that Plaid credentials or access tokens should be stored carefully, rotated if exposed, and removed when no longer needed. Consider narrowing or avoiding broad triggers like "save money" to reduce accidental activation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrase set is broad enough to match ordinary financial-help requests beyond the narrow task of subscription cancellation. This can cause unintended skill activation on sensitive budgeting conversations, increasing the chance that users are prompted to share transaction data when they did not specifically ask for subscription analysis.

Vague Triggers

Medium
Confidence
84% confidence
Finding
This trigger is ambiguous and may activate during general account-review or spending-analysis requests that are not actually about subscriptions. In a finance skill, accidental invocation is riskier because it can steer users into exposing bank transaction data under a broader-than-expected scope.

Credential Access

High
Category
Privilege Escalation
Content
description: Plaid secret key (optional - only needed for Plaid integration)
    required: false
  - name: PLAID_ACCESS_TOKEN
    description: User's Plaid access token for their connected bank account (optional)
    required: false
triggers:
  - cancel subscriptions
Confidence
72% confidence
Finding
access token

Credential Access

High
Category
Privilege Escalation
Content
**Important**: This requires Plaid credentials and sends data to Plaid's servers:
- `PLAID_CLIENT_ID` - Your Plaid client ID
- `PLAID_SECRET` - Your Plaid secret key
- `PLAID_ACCESS_TOKEN` - Access token for the bank connection

**Privacy note**: When using Plaid, transaction data is transmitted to Plaid's API. CSV analysis is fully local.
Confidence
78% confidence
Finding
Access token

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
89% confidence
Finding
The trigger 'save money' is broad and overlaps with generic assistant functionality, making accidental shadowing of built-in or unrelated finance-help behaviors plausible. Because this skill may request uploads of transaction CSVs or use banking integrations, unintended activation could expand data collection beyond user intent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.