Back to skill

Security audit

Dexcom CGM

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises: it uses Dexcom credentials to fetch and display glucose readings, with the main risk being careful handling of sensitive medical-account credentials and health data.

Install only if you are comfortable giving the skill access to your Dexcom account credentials and showing glucose readings to the agent session. Prefer a secret manager or tightly permissioned local configuration, avoid committing or syncing the password in dotfiles, and rotate the Dexcom password if you suspect exposure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill declares required environment variables containing sensitive credentials, but the skill manifest does not declare corresponding permissions. This creates a transparency and trust problem: users may supply secrets to a skill without an explicit permission boundary, increasing the risk of unintended credential exposure or misuse by the executed script.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation instructs users to place Dexcom username and password in environment variables or a local config file without warning that these are sensitive medical account credentials. Storing credentials this way can lead to leakage through shell history, process environments, backups, shared dotfiles, or improperly protected local configuration files, exposing access to private health data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.