Invoices

Security checks across malware telemetry and agentic risk

Overview

This is a transparent invoice-organizing skill whose sensitive behaviors are expected for managing invoices, though users should scope email and URL use carefully.

Safe to install for invoice management if you are comfortable storing invoice PDFs and extracted metadata locally. Use a dedicated invoice mailbox, folder, or label before enabling email automation; avoid broad inbox monitoring; only provide trusted invoice portal URLs; and protect ~/invoices because it may contain tax IDs, addresses, amounts, payment references, and long-retained business records.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The workflow includes mailbox scanning, auto-forwarding, and marking emails as processed, but it does not require explicit informed consent, scope limitation, or a clear warning that the agent will access and modify the user's mailbox. This creates a real privacy and integrity risk because the agent may process unrelated messages, expose sensitive email contents, or alter message state in ways the user did not fully anticipate.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal