Security audit

Local Budget

Security checks across malware telemetry and agentic risk

Overview

This is a local budgeting helper that reads user-provided financial CSVs and writes local JSON or markdown reports, with privacy caveats but no evidence of hidden data sharing or destructive behavior.

Install only if you are comfortable processing bank or credit-card exports with local scripts and with the agent reviewing transaction data for categorization. Keep CSVs and generated JSON/markdown reports in a private local folder, avoid synced or shared Obsidian vaults unless intended, and review low-confidence categories before relying on the report.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill instructs the agent to create JSON and markdown output files and explicitly suggests writing reports into user-selected locations such as an Obsidian vault, but it declares no permissions. That mismatch matters because financial CSVs contain sensitive data, and undeclared write behavior reduces transparency and may lead to accidental creation of sensitive artifacts in unsafe locations.

Vague Triggers

Medium

Confidence: 80% confidence
Finding: The trigger phrases are very broad and cover common finance-related language such as budget, spending, transactions, and monthly expenses. That increases the chance of unsolicited activation in ordinary conversations, which is risky here because the skill handles highly sensitive financial files and may prompt file processing or report generation when the user did not intend to invoke it.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill tells the agent to parse bank and credit-card exports and generate JSON/markdown reports, including saving directly into an Obsidian vault, but it does not warn that these outputs can contain account activity, merchant names, dates, and spending patterns. In context, this is more dangerous because the data is inherently sensitive financial information, and writing derivative files expands the exposure surface beyond the original export.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal