Back to skill

Security audit

Receipt Snap

Security checks across malware telemetry and agentic risk

Overview

This skill handles sensitive receipts, but its Google Drive, Google Sheets, exchange-rate, and local CSV behavior is disclosed and fits its tax-tracking purpose.

Install only if you are comfortable storing receipt images and expense metadata in your Google account and a local CSV. Use a dedicated private Drive folder and Sheet, authenticate gog yourself, keep the local log outside shared or committed directories, and review receipts for sensitive information before processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'LOG_FILE' from os.environ.get (line 44, credential/environment) → open (file write)

Medium
Category
Data Flow
Content
"EUR Amount", "Exchange Rate", "Category", "Drive Link", "Notes"]

    write_header = not os.path.exists(LOG_FILE)
    with open(LOG_FILE, 'a', newline='', encoding='utf-8') as f:
        writer = csv_module.writer(f)
        if write_header:
            writer.writerow(header)
Confidence
86% confidence
Finding
with open(LOG_FILE, 'a', newline='', encoding='utf-8') as f:

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill invokes shell commands, accesses environment variables, performs network calls, and writes to local/remote storage, yet it declares no explicit permissions. That creates an authorization gap: an orchestrator or reviewer cannot accurately constrain what the skill is allowed to do, increasing the chance of unintended data exfiltration or destructive actions involving financial documents and Google account resources.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The README instructs users to upload receipts and log expense metadata to Google Drive and Google Sheets in the normal usage flow, but it does not clearly warn that receipts can contain sensitive financial and personal data. In a tax-reporting skill, this omission increases the chance that users process regulated or confidential information without understanding retention, sharing, or access implications across third-party services.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.