Security audit

Logistics Watcher

Security checks across malware telemetry and agentic risk

Overview

This package-tracking skill appears purpose-aligned, with the main caveat that shipment history is stored locally in plaintext.

Before installing, understand that shipment details may be saved locally in plaintext. Use it only on a machine where local files are appropriately protected, and check whether the skill documents where the store lives, how to delete old tracking records, and how long history is retained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The fallback LocalStore persists tracked package data, including tracking numbers, courier metadata, package names, status history, timestamps, and locations, to a plaintext JSON file under the user's home directory without any consent flow, retention policy, or access controls. In a logistics-monitoring skill, this data can reveal purchasing activity, movement patterns, and home/work locations, so silent local persistence increases privacy risk if the host is shared, backed up, or otherwise accessed by other local processes/users.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.