Copilot Money Skill

Security checks across malware telemetry and agentic risk

Overview

The skill is what it says it is: a wrapper around the Copilot Money finance CLI. It still handles sensitive financial data, and to authenticate it can read a session token out of a browser profile.

Install it only if you are comfortable giving an agent access to your Copilot Money data. If you do not want the skill scanning every browser on the machine for a token, supply the token manually or point it at one explicit browser profile. Review the external `copilot-money-cli` package before use, since the skill's behaviour is only as trustworthy as that dependency. Require an explicit confirmation step before the agent runs any refresh action against bank connections.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Severity: Medium
Confidence: 93%
Finding
The skill description is broadly scoped to trigger on generic finance-related requests such as balances, transactions, net worth, and syncing bank data. In an agent environment, this can cause the skill to activate for many sensitive financial queries and perform high-impact actions like refreshing bank connections without sufficiently narrow user intent checks, increasing the chance of over-collection or unintended access to personal financial data.
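The two mitigations this page recommends, a narrow intent check before high-impact actions and an explicit credential source instead of broad browser scanning, can be enforced in the agent before the CLI is ever invoked. The following is an added example of such a pre-execution gate; it is hypothetical policy code, not part of the Copilot Money skill or the `copilot-money-cli` package, and the action names, the `COPILOT_MONEY_TOKEN` variable and the token-source model are assumptions made for illustration.

```python
"""Pre-execution gate for an agent that wraps a finance CLI.

Added example (hypothetical, not the skill's or the CLI's own code).
Action names, the COPILOT_MONEY_TOKEN variable name and the token-source
model are assumptions for illustration.
"""
from dataclasses import dataclass, field
from typing import Optional, Tuple

# Read-only queries the skill description is expected to serve (assumed names).
READ_ONLY_ACTIONS = {"balances", "transactions", "net_worth"}
# Actions that touch bank connections; these need explicit user confirmation.
HIGH_IMPACT_ACTIONS = {"refresh_connections", "sync"}


@dataclass
class ToolCall:
    action: str
    confirmed: bool = False   # set only after the user explicitly approved THIS call
    args: dict = field(default_factory=dict)


@dataclass
class Decision:
    allowed: bool
    reason: str


def gate(call: ToolCall) -> Decision:
    """Allow read-only queries, require confirmation for high-impact ones,
    and deny anything outside the allowlist so a vague trigger cannot widen
    the skill's scope beyond what the user intended."""
    if call.action in READ_ONLY_ACTIONS:
        return Decision(True, "read-only query")
    if call.action in HIGH_IMPACT_ACTIONS:
        if call.confirmed:
            return Decision(True, "high-impact action explicitly confirmed by user")
        return Decision(False, f"{call.action!r} touches bank connections; ask the user first")
    return Decision(False, f"unknown action {call.action!r} is not in the allowlist")


def resolve_token(env: dict,
                  browser: Optional[str] = None,
                  allow_browser_scan: bool = False) -> Tuple[str, str]:
    """Pick the credential source in order of least exposure:
    1. a manually supplied token (assumed env var COPILOT_MONEY_TOKEN),
    2. one explicitly named browser profile,
    3. a scan of every browser, only if the user opted in.
    Returns (source, value); raises if nothing acceptable is available."""
    token = env.get("COPILOT_MONEY_TOKEN")
    if token:
        return ("manual", token)
    if browser:
        return ("browser", browser)
    if allow_browser_scan:
        return ("browser-scan", "*")
    raise PermissionError("no token supplied and broad browser scanning is not enabled")


if __name__ == "__main__":
    # Constructed sample calls, as an agent might issue them.
    for call in (ToolCall("balances"),
                 ToolCall("refresh_connections"),
                 ToolCall("refresh_connections", confirmed=True),
                 ToolCall("export_everything")):
        d = gate(call)
        print(f"{call.action:20s} allowed={d.allowed} ({d.reason})")
    print(resolve_token({"COPILOT_MONEY_TOKEN": "tok_example"}, browser="chrome"))
```

The gate deliberately fails closed on unknown actions: a broadly scoped trigger means the skill may be invoked for requests its author never anticipated, and a denylist of "dangerous" actions would not catch those. The token resolver never falls through to a full browser scan unless the caller opted in, which is the explicit-source behaviour the overview recommends.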

VirusTotal

64/64 vendors flagged this skill as clean.
