Back to skill

Security audit

OPC Cashflow Manager

Security checks across malware telemetry and agentic risk

Overview

This is a local cash-flow forecasting skill that handles sensitive business finance data, but its file access and persistence match its stated purpose and no hidden network, credential, or destructive behavior was found.

Install only from a source you trust, prefer copying just this skill rather than cloning an entire suite, and run it only against intended cashflow and invoice folders. Treat snapshots, reports, and imported invoice data as private business records. Before cancelling subscriptions or services based on its recommendations, check contracts, data export needs, operational dependencies, and rollback options.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to read and write local files, but no explicit permissions are declared or scoped. In an agent environment, this creates a confused-deputy risk where the skill may access or modify financial data outside an expected boundary, especially because it also integrates with invoice, contract, and product directories.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The skill advertises auto-import of sent and overdue invoices, AR aging, and collection data, which can involve sensitive financial records and customer information. Failing to warn users about data sensitivity, access scope, retention, and least-privilege handling increases the chance of overexposure or inappropriate processing of confidential business data, especially in a cross-skill integration context.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The mode-detection triggers are broad enough to match common phrases like 'status' or 'what if,' which can cause unintended activation of financial workflows. In a skill that reads and writes cashflow snapshots and imports data from other business directories, accidental invocation can expose or alter sensitive financial context without the user intending to enter this workflow.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The guidance to cut all Tier 1 items immediately and with 'no exceptions' can cause users to terminate services without checking cancellation terms, exported data, billing lock-ins, or hidden operational dependencies. In a cashflow-management skill, users may act quickly under financial stress, making this omission more likely to trigger avoidable outages, data loss, or reactivation costs.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The checklist says to cancel recurring charges immediately based only on whether the item was used in the last 30 days, which is an unsafe decision rule for business systems. Some infrequently used services are still essential for backups, renewals, compliance, recovery, or client integrations, so this advice can lead to service disruption or permanent data loss.

Natural-Language Policy Violations

Low
Confidence
94% confidence
Finding
The template includes prescriptive language — 'Conservative scenario should guide your decisions' — which steers user decision-making without an explicit opt-in or indication that this is configurable advice. In a cash-flow and survival-planning context, this can inappropriately bias financial decisions and may cause users to over-rely on one policy framing rather than their own risk tolerance or broader business context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.