Back to skill

Security audit

Macro Helper

Security checks across malware telemetry and agentic risk

Overview

The main macro helper is purpose-aligned, but the package also includes an unrelated utility script that quietly stores local command history and user-provided data.

Review before installing. The core VBA helper appears local and understandable, but avoid using the unrelated macro-helper utility commands with sensitive workbook names, business data, credentials, paths, or private notes unless you are comfortable with that data being stored under the local macro-helper data directory. Test any generated VBA on workbook copies before running it on important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The script's functionality materially diverges from the declared Excel/VBA assistant purpose and instead implements a generic local data collection and logging CLI. In an agent-skill ecosystem, this mismatch is dangerous because users or orchestrators may grant trust, installation, or execution privileges based on the declared macro-helper purpose while the code performs unrelated persistent local data handling.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The inline help and banner explicitly describe the tool as a generic 'Multi-purpose utility tool,' which contradicts the advertised Excel macro/VBA helper identity. This inconsistency increases supply-chain and trust risk because it suggests the package may be mislabeled, repurposed, or attempting to obscure its true behavior from reviewers and users.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The logging helper writes command activity and arguments to a persistent history file without any user-facing notice, retention policy, or opt-in control. In the context of an agent skill, command arguments can contain sensitive workbook names, search terms, paths, or other user data, so silent persistence creates privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The add command persists arbitrary user-provided input directly into a local data file without clear disclosure or purpose limitation. Because the skill is presented as an Excel/VBA assistant rather than a note-taking database, users may unintentionally provide sensitive macro code, credentials, file paths, or business data that then remains on disk.

VirusTotal

44/44 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.