Back to skill

Security audit

Personal Bookkeeper

Security checks across malware telemetry and agentic risk

Overview

This is a local personal finance logging tool, but its records and exports are plain text and should be treated as sensitive.

Install only if you are comfortable storing financial notes in local plain-text files. Avoid entering bank credentials or full account numbers, protect the data directory and exports, and delete exported files when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill stores sensitive financial information in persistent plain-text files under the user's home directory, but the description does not prominently warn users about this privacy and confidentiality risk. Because the data includes expenses, income, balances, tax notes, and history, local compromise, shared accounts, backups, or shoulder-surfing of exported files could expose highly sensitive personal financial data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The export functionality writes potentially sensitive financial records to persistent files in a user-accessible directory without any notice, consent flow, access controls, or retention policy. In the context of a personal finance skill, silent persistence and bulk export materially increase the risk of privacy leakage through local compromise, backups, shared accounts, or accidental exposure.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Nearly every command persists raw user input directly to disk, including categories such as tax notes, alerts, balances, and history that may contain highly sensitive financial details. Because this is a finance-focused skill, undisclosed long-term storage of plaintext entries is more dangerous than in a low-sensitivity context and can expose budgets, transactions, and tax-related information to other local processes or users.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.