Security audit

gjsw

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent tax-platform login helper, but it handles sensitive credentials and reusable browser sessions with weak scoping and too few warnings, so users should review it carefully before installing.

Install only if you trust the publisher and intend to automate login for an account you control. Run it on a private machine, never pass a real password on a command line that may be logged, remove ./chrome_profile when finished if you do not want the session retained on disk, and confirm that the tax service permits automated CAPTCHA/login workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding
The skill advertises persistent session reuse via a Chrome profile directory but does not prominently warn users that cookies, session tokens, and other authentication artifacts remain on disk after login until the directory is deleted. For a tax-platform login skill this matters more than usual: retained browser state on a shared or compromised machine can hand over access to a government account without the password ever being re-entered.

Missing User Warnings

Severity: Medium
Confidence: 98%

Finding
The script accepts username and password as positional command-line arguments, which exposes the secret through shell history, process listings (ps, /proc/<pid>/cmdline), job-control tools, audit logs, and orchestration telemetry. In this skill's context those credentials unlock a government tax platform, so their compromise could grant access to sensitive taxpayer information and to account actions.
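The two findings above share one fix: keep the password off the command line and stop the Chrome profile from outliving the run. The following is an added example of that hardened intake, not code from the gjsw skill; the `username` positional, the TAX_PASSWORD environment variable, the `--no-persist` flag and the ./chrome_profile default are assumed for illustration.

```python
"""Hardened credential and session handling for a browser login helper.

Added example, not code from the gjsw skill. The CLI shape (a `username`
positional, a TAX_PASSWORD environment variable, a ./chrome_profile
directory) is assumed for illustration.
"""
import argparse
import getpass
import os
import shutil
import tempfile
from pathlib import Path


def parse_args(argv):
    """Accept the username on the command line, but never the password.

    A --password flag or a stray second positional is rejected before the
    run starts, so the secret cannot land in shell history, `ps` output,
    audit logs or job-scheduler telemetry.
    """
    if any(a == "--password" or a.startswith("--password=") for a in argv):
        raise ValueError("refusing a password on the command line")
    parser = argparse.ArgumentParser(prog="tax-login")
    parser.add_argument("username")
    parser.add_argument("--profile-dir", default="./chrome_profile")
    parser.add_argument("--no-persist", action="store_true",
                        help="delete the Chrome profile after the run")
    args, unknown = parser.parse_known_args(argv)
    if unknown:
        raise ValueError(f"unexpected arguments {unknown}; "
                         "the password is read from TAX_PASSWORD or a prompt")
    return args


def read_password(environ=None, prompt=getpass.getpass):
    """Take the password from the environment, else from a no-echo prompt.

    Environment variables are still readable by same-user processes via
    /proc/<pid>/environ, so the interactive prompt is the safer path on a
    shared host; the env var exists for unattended runs on a private box.
    """
    environ = os.environ if environ is None else environ
    secret = environ.get("TAX_PASSWORD")
    if secret:
        return secret
    return prompt("Tax platform password: ")


def remove_profile(profile_dir, base=None):
    """Delete the Chrome profile so cookies and session tokens do not linger.

    Refuses to touch anything that is not strictly inside `base` (default:
    the working directory), so a mistyped --profile-dir cannot wipe the
    user's real Chrome profile. Returns True if a directory was removed.
    """
    base = Path(os.getcwd() if base is None else base).resolve()
    target = Path(profile_dir).resolve()
    if base not in target.parents:
        raise ValueError(f"refusing to delete {target}: not inside {base}")
    if not target.is_dir():
        return False
    shutil.rmtree(target)
    return True


def demo():
    """Exercise the three guards on constructed inputs; returns a dict."""
    result = {}
    result["username"] = parse_args(["alice", "--no-persist"]).username
    for bad in (["alice", "hunter2"], ["alice", "--password=hunter2"]):
        try:
            parse_args(bad)
            result[" ".join(bad)] = "accepted"
        except ValueError:
            result[" ".join(bad)] = "rejected"
    result["from_env"] = read_password({"TAX_PASSWORD": "s3cret"},
                                       prompt=lambda _: "typed")
    result["from_prompt"] = read_password({}, prompt=lambda _: "typed")
    work = Path(tempfile.mkdtemp())          # constructed stand-in for cwd
    profile = work / "chrome_profile"
    profile.mkdir()
    (profile / "Cookies").write_text("constructed session cookie")
    result["removed"] = remove_profile(profile, base=work)
    result["gone"] = not profile.exists()
    result["second_remove"] = remove_profile(profile, base=work)
    try:
        remove_profile(work.parent, base=work)   # outside base: must refuse
        result["outside"] = "deleted"
    except ValueError:
        result["outside"] = "refused"
    shutil.rmtree(work)
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the file prints the outcome of each guard: the bare `alice` invocation is accepted, both forms that carry a password on argv are rejected, the password comes from TAX_PASSWORD when set and from the prompt otherwise, and the profile directory is deleted only when it sits inside the working directory.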

VirusTotal

67/67 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.