Security audit

Analytics & Tracking Setup

Security checks across malware telemetry and agentic risk

Overview

This is an analytics setup helper with privacy-sensitive third-party tracking guidance, but the reviewed files do not show hidden execution, credential access, persistence, or automatic data collection.

Install only if you intend to work on analytics or attribution. Before using any Segment, GA4, Facebook Pixel, Gumroad, or webhook guidance, confirm user consent requirements, update your privacy notice, avoid sending unnecessary personal data, and resolve the Segment-vs-UTM documentation mismatch so operators know what the skill actually does.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill metadata declares no permissions, yet the skill's stated use of Segment implies outbound network communication and transmission of analytics data. Because the declared capabilities understate what the skill does, the outbound data flow escapes user expectations and any security-review control that keys on declared permissions, increasing the risk of unapproved data egress.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The document claims a privacy-first approach while also directing broad instrumentation and use of Facebook Pixel, which sends user activity to a third-party ad platform. This creates a misleading privacy posture that can result in noncompliant data collection, invalid consent handling, and user deception if implemented as written.

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The statement that the product is 'Local-first' and stores no data externally conflicts with planned use of GA4, Facebook Pixel, Gumroad analytics, and webhooks, all of which transmit data to external services. This is dangerous because it can misrepresent the system's data flows to users, auditors, or developers and lead to privacy violations or regulatory exposure.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The skill has empty trigger patterns and no meaningful activation constraints, which can make invocation overly broad or ambiguous in an agent environment. For a skill that handles analytics and identity data, underspecified triggering raises the chance of accidental activation and unintended external disclosure.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill description says it tracks events and user behavior using Segment but does not prominently warn that user identifiers, traits, and behavioral data may be sent to a third-party service. This omission undermines informed consent and can lead to privacy, compliance, and data-governance violations when users provide names, emails, or other identifying information.
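The least-privilege, intent-code divergence, vague-trigger and missing-warning findings above are all mechanical checks: compare the services a skill names against its declared permissions, its own local-only claims, its trigger list and its warning language. The following is an added example (my own code, not SkillSpector's scanner or the skill's files) that reproduces those four checks as a small linter. The `Skill` dataclass layout, the `EGRESS_SERVICES` keyword list, the claim and warning regexes and the two constructed sample skills are all assumptions for illustration, not the registry's real manifest format.

```python
# Added example (not SkillSpector's code): a small static linter that reproduces
# the mechanical findings on this page against an assumed skill manifest layout.
# The Skill dataclass fields, the service keyword list, the regexes and the sample
# skills are assumptions constructed for illustration, not the registry's format.
import re
from dataclasses import dataclass, field

# Services whose mention implies outbound network egress of analytics data.
EGRESS_SERVICES = ("segment", "ga4", "google analytics", "facebook pixel",
                   "gumroad", "webhook")

# Claims that contradict any of the services above.
LOCAL_CLAIMS = re.compile(r"local-first|stores? no data externally", re.I)

# Language that counts as a user warning about third-party transmission.
WARNING_LANGUAGE = re.compile(r"\b(consent|third[- ]party|privacy notice)\b", re.I)


@dataclass
class Skill:
    name: str
    description: str
    body: str
    permissions: list = field(default_factory=list)
    triggers: list = field(default_factory=list)


@dataclass
class Finding:
    title: str
    severity: str
    detail: str


def _text(skill):
    return f"{skill.description}\n{skill.body}"


def mentioned_services(skill):
    """Egress-implying services named anywhere in the skill text, sorted."""
    text = _text(skill).lower()
    return sorted(s for s in EGRESS_SERVICES if s in text)


def lint(skill):
    """Return the findings for one skill, in the order they are checked."""
    findings = []
    services = mentioned_services(skill)
    named = ", ".join(services)

    # Least privilege: outbound services named but no network permission declared.
    if services and "network" not in skill.permissions:
        findings.append(Finding("MCP Least Privilege", "Medium",
                                f"no 'network' permission declared, but skill uses {named}"))

    # Intent-code divergence: a local-only claim next to third-party destinations.
    claim = LOCAL_CLAIMS.search(_text(skill))
    if services and claim:
        findings.append(Finding("Intent-Code Divergence", "High",
                                f"claims '{claim.group(0)}' but sends data to {named}"))

    # Vague triggers: no non-blank trigger pattern at all.
    if not [t for t in skill.triggers if t.strip()]:
        findings.append(Finding("Vague Triggers", "Medium",
                                "empty trigger patterns; activation is unconstrained"))

    # Missing user warnings: third-party egress without consent or third-party language.
    if services and not WARNING_LANGUAGE.search(_text(skill)):
        findings.append(Finding("Missing User Warnings", "High",
                                f"identifiers and traits go to {named} with no warning"))
    return findings


# Constructed sample: the shape of the skill this page audits, as the audit describes it.
SAMPLE = Skill(
    name="analytics-tracking-setup",
    description="Tracks events and user behavior using Segment.",
    body=("Privacy-first analytics helper.\n"
          "Local-first: stores no data externally.\n"
          "Wire up GA4, Facebook Pixel, Gumroad analytics and a webhook for attribution.\n"),
    permissions=[],
    triggers=[""],
)

# Constructed sample after the remediation the overview asks for.
FIXED = Skill(
    name="analytics-tracking-setup",
    description=("Tracks events and user behavior using Segment. User identifiers, traits "
                 "and behavior are sent to a third-party service only after consent."),
    body=("Wire up GA4, Facebook Pixel, Gumroad analytics and a webhook for attribution.\n"
          "Update the privacy notice before enabling any destination.\n"),
    permissions=["network"],
    triggers=["set up analytics", "configure segment"],
)

if __name__ == "__main__":
    for skill in (SAMPLE, FIXED):
        print(f"== {skill.name} ({len(lint(skill))} findings)")
        for f in lint(skill):
            print(f"[{f.severity}] {f.title}: {f.detail}")
```

Run as a script, `SAMPLE` yields the four findings in the order the page lists them and `FIXED` yields none. The keyword matching is deliberately crude: a real scanner would also parse the skill's actual tool calls and network destinations rather than trusting the prose, which is exactly the gap the intent-code divergence findings above are pointing at.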

VirusTotal

64/64 vendors flagged this skill as clean.
Static analysis

No suspicious patterns detected.