交易记录生成

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a local bank-record-to-Excel converter, but it can overwrite an original bank CSV input without clearly warning the user.

Review before installing. Run it only on copied bank exports, keep backups of originals, use restricted input and output folders, and inspect generated workbooks before relying on them for accounting.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 94% confidence
Finding: The docstring describes the tool as generating an Excel transaction record, but the implementation also rewrites the source CSV in place via clean_csv_file(). This mismatch is dangerous because users may run the tool expecting read-only processing and unintentionally lose original banking data, comments, or formatting needed for auditing or recovery.

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: clean_csv_file() opens the provided CSV, removes lines, and writes the cleaned content back to the same path without backup, confirmation, or atomic safety measures. In a financial-records context this can destroy original transaction exports and audit artifacts, making data loss or integrity disputes more serious than in a low-value workflow.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal