Antigravity Balance

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it checks local Antigravity quota data, but users should treat its output and verbose logs as sensitive.

Install only if you are comfortable with a script reading Antigravity process arguments, using the local CSRF token to query the local API, and displaying account identity plus quota details. Avoid verbose mode and JSON output in shared shells, screen recordings, CI logs, or support transcripts because they may reveal sensitive account details or token-bearing process arguments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly describes querying a local API and displaying user name, email, tier, and model quota data, but it does not warn users that personally identifiable and account usage information will be collected from a local service and shown in output. This creates a real privacy risk because users may invoke the skill without understanding that identity data from a locally running Antigravity/Windsurf process will be accessed and exposed, especially in shared terminals, logs, or downstream JSON consumers.

VirusTotal

64/64 vendors flagged this skill as clean.
