Agent Usage Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local usage and budget tracker that stores token/cost records in SQLite, with no artifact-backed evidence of hidden network access or unsafe behavior.

Before installing, review npm dependency resolution, choose the SQLite database path deliberately, and avoid storing secrets, full prompts, customer data, or credentials in the optional metadata field unless local retention is acceptable.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 83% confidence
Finding: The skill advertises a local SQLite/TypeScript workflow but does not declare any permissions, while static analysis detected network-capable code. That mismatch can cause operators to trust the skill as local-only when it may initiate outbound connections, creating hidden data exfiltration or supply-chain risk if prompts, usage metadata, or pricing data are sent externally.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal