Invoice Scan

Security checks across malware telemetry and agentic risk

Overview

This invoice-scanning skill clearly discloses that CLI mode sends invoice images to Anthropic and its behavior matches that purpose.

Install only if you are comfortable with the disclosed model: agent-native mode avoids the skill's external API call, while CLI mode sends full invoice images and extracted financial details to Anthropic using your API key. For regulated or confidential invoices, confirm your organization's approval for Anthropic processing and npm dependencies before using CLI mode.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The CLI processes invoices, which commonly contain sensitive financial and personal data, and sends them to an external AI provider without an explicit privacy warning or consent checkpoint. Users may reasonably assume local OCR behavior from a scanning tool and unknowingly transmit regulated or confidential documents to third parties.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The scanner sends full invoice/image contents to Anthropic via `fetch` without any visible consent, disclosure, or local-only safeguard in this code path. Because invoices commonly contain sensitive personal, financial, and tax data, silent transmission to a third-party AI provider creates a real privacy and compliance risk, especially in environments with strict data-handling requirements.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal