Skill Earnings Tracker
Security checks across malware telemetry and agentic risk
Overview
This is a coherent local earnings tracker, but it misleadingly claims encrypted/private storage while actually writing earnings data as plaintext files.
Review before installing if you plan to record real revenue, credit balances, customer details, or sensitive notes. Treat the earnings files as plaintext local records, avoid logging secrets or private customer data, and only add cron jobs after checking the exact command and how to remove it.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.