Security audit

Fatsecret Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed FatSecret API helper that can change health-account records, but the artifacts are coherent and do not show hidden or unrelated behavior.

Install only if you trust FatSecret and the pyfatsecret dependency with your nutrition and health data. Keep the FatSecret client secret private, consider using a virtual environment and pinned dependency version, and configure manual-only mode or require confirmation before logging, editing, deleting, copying, or updating any FatSecret account record.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The README states the skill is invoked automatically when it matches a request, but provides no clear trigger boundaries or requirement for explicit confirmation before state-changing operations. In a skill that can log meals, edit diary entries, save meals, and update weight, vague auto-invocation language increases the risk that an agent will perform unintended account actions from an ambiguous user prompt.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The README prominently advertises health/account-modifying capabilities like logging meals, tracking weight, and managing exercises without an explicit warning that these actions change persistent user data. In the context of an automatically invokable agent skill, this can cause users or integrators to underestimate the need for confirmation and auditability before modifying sensitive health-related records.

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The skill allows autonomous invocation whenever the agent thinks a request matches broad food-related capabilities, including profile, diary, exercise, and weight operations. In an agent environment, this can cause the skill to activate on common health or food queries and potentially send sensitive nutrition or health-related data to a third-party API without sufficiently explicit user intent for that specific integration.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal