Security audit

Budgetly

Security checks across malware telemetry and agentic risk

Overview

Budgetly matches its stated local budgeting purpose, but users should know it stores financial notes in plaintext local files.

Install only if you are comfortable with budget entries, balances, tax notes, and exports being stored unencrypted under ~/.local/share/budgetly. Avoid entering bank logins, full account numbers, or secrets, and protect or periodically delete that directory on shared or backed-up machines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Severity: High
Confidence: 95%
Finding
The implementation materially diverges from the declared budgeting purpose and instead behaves as a generic note/logging utility with broad data collection commands. This is dangerous because users may trust it with sensitive financial information under false assumptions about its functionality, retention, and scope, which increases the risk of oversharing and misuse.

Context-Inappropriate Capability

Severity: Medium
Confidence: 92%
Finding
The skill exposes extra capabilities such as arbitrary history logging, broad search, export, compare, and tax-note handling that exceed the stated budgeting use case. In a finance context, unnecessary capabilities widen the attack surface and make it easier to aggregate, discover, and expose sensitive personal spending data beyond what users expect.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill explicitly stores sensitive financial information in plaintext local logs and export files, including balances, tax notes, spending history, and account details, without any privacy warning, retention guidance, or protection controls. For a personal-finance skill this is more dangerous because the stored data is inherently sensitive and may be exposed to other local users, backups, malware, or accidental sharing of exported files.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
User-supplied finance-related input is written verbatim to local log files without any explicit notice, consent flow, or sensitivity warning. Because budgeting data often contains merchants, categories, account hints, and spending habits, silent persistence creates privacy and compliance risks if the host is shared, backed up, or later accessed by other tools.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The export feature aggregates all stored logs into JSON, CSV, or TXT files, which consolidates sensitive financial history into easily transferable artifacts without any privacy warning or confirmation. For a budgeting skill, this increases the chance of accidental disclosure through shared directories, backups, sync services, or downstream processing.
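As an added example (not code from the Budgetly skill, SkillSpector, or NVIDIA), the following Python script turns the overview's advice to protect the data directory and the plaintext-storage and export findings above into a check a user can run: it reports files readable by other local accounts, export artifacts that consolidate history, and entries that look like card/account numbers or credentials, then tightens permissions to owner-only. The directory layout, file names, and sample entries are assumptions constructed for the demo; the card number used is the standard Luhn test value, not a real account.

```python
"""Exposure audit for a Budgetly-style plaintext data directory.

Added example; not code from the Budgetly skill, SkillSpector, or NVIDIA.
It assumes the layout the report describes (a data directory such as
~/.local/share/budgetly holding log files and json/csv/txt exports) and
builds its own constructed sample files for the demo.
"""
from __future__ import annotations

import re
import stat
import tempfile
from pathlib import Path

EXPORT_SUFFIXES = {".json", ".csv", ".txt"}
# 12-19 digits, optionally split by single spaces or dashes (card/account style).
DIGIT_RUN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){11,18}\d(?!\d)")
# "password: x", "login=x", "pin: 1234" style key/value pairs.
CRED_RE = re.compile(r"(?i)\b(password|passwd|login|pin)\s*[:=]\s*\S+")
PERM_ISSUE = "readable by other local users"


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; true for payment-card style numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def readable_by_others(p: Path) -> bool:
    """Group- or world-readable bit set: other accounts on the host can read it."""
    return bool(p.stat().st_mode & (stat.S_IRGRP | stat.S_IROTH))


def find_sensitive_tokens(text: str) -> list[str]:
    """Flag values the report says should never be entered into the skill."""
    hits = []
    for m in DIGIT_RUN_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        kind = ("card-like number (Luhn valid)" if luhn_ok(digits)
                else "long digit run (possible account number)")
        hits.append(f"{kind}: {digits[:4]}...{digits[-4:]}")
    for m in CRED_RE.finditer(text):
        hits.append(f"possible credential: {m.group(1).lower()}=<redacted>")
    return hits


def audit_dir(root: Path) -> list[dict]:
    """Walk the data directory and return {path, issue} records."""
    issues: list[dict] = []
    if not root.is_dir():
        return issues
    if readable_by_others(root):
        issues.append({"path": str(root), "issue": f"directory {PERM_ISSUE}"})
    for p in sorted(root.rglob("*")):
        if not p.is_file():
            continue
        if readable_by_others(p):
            issues.append({"path": str(p), "issue": f"file {PERM_ISSUE}"})
        if p.suffix.lower() in EXPORT_SUFFIXES:
            issues.append({"path": str(p), "issue": "export artifact consolidating financial history"})
        for hit in find_sensitive_tokens(p.read_text(errors="replace")):
            issues.append({"path": str(p), "issue": hit})
    return issues


def lock_down(root: Path) -> int:
    """Owner-only permissions (0700 dirs, 0600 files); returns entries changed."""
    changed = 0
    for p in [root, *root.rglob("*")]:
        want = 0o700 if p.is_dir() else 0o600
        if stat.S_IMODE(p.stat().st_mode) != want:
            p.chmod(want)
            changed += 1
    return changed


def build_demo_dir() -> Path:
    """Constructed sample directory; 4111... is the Luhn test number, not a real card."""
    root = Path(tempfile.mkdtemp(prefix="budgetly-demo-")) / "budgetly"
    root.mkdir()
    (root / "history.log").write_text(
        "2024-03-01 groceries -54.20 corner market\n"
        "2024-03-02 rent -1500.00 landlord\n"
        "2024-03-03 note: paid from card 4111 1111 1111 1111\n"
    )
    (root / "export.csv").write_text(
        "date,category,amount\n"
        "2024-03-01,groceries,-54.20\n"
        "bank login: someone@example.com password: hunter2\n"
    )
    for p in [root, *root.rglob("*")]:  # deliberately permissive, as a shared host might leave them
        p.chmod(0o755 if p.is_dir() else 0o644)
    return root


if __name__ == "__main__":
    demo = build_demo_dir()
    for rec in audit_dir(demo):
        print(f"{rec['path']}: {rec['issue']}")
    fixed = lock_down(demo)
    left = sum(PERM_ISSUE in r["issue"] for r in audit_dir(demo))
    print(f"lock_down changed {fixed} entries; remaining permission issues: {left}")
```

For a real install, call audit_dir(Path.home() / ".local/share/budgetly") and lock_down on the same path. Tightening mode bits only addresses the "other local users" exposure; backups, sync services, and malware running as the same account still read the files, which is where the overview's advice to periodically delete the directory applies.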

VirusTotal

64/64 vendors reported this skill as clean (0 detections).

Static analysis

No suspicious patterns detected.