Security audit

Llm Usage Aggregator

Security checks across malware telemetry and agentic risk

Overview

This skill is a local LLM usage reporting tool; it processes user-supplied usage files and writes an Excel report, with privacy considerations around user identifiers but no evidence of hidden or malicious behavior.

Install/use this only for usage logs you are authorized to process. The output Excel file can include email addresses, phone numbers, or user IDs in summary and detail sheets, so redact or restrict sharing if the report leaves your team.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 76%
Finding: The documented purpose does not fully match the described behavior: the skill appears to support additional file types, adds internal/external user classification logic, and performs richer pricing and reporting behavior than the headline description suggests. That mismatch can cause users to expose more data than intended or misunderstand how sensitive identifiers such as email/phone are processed, which is a real security and privacy risk even if not overtly malicious.

Description-Behavior Mismatch

Low
Confidence: 73%
Finding: The script derives a combined per-user identifier from email, phone, or user_id and later exports detailed per-user usage data. In the context of an aggregation tool, this creates a privacy risk because the implementation goes beyond internal/external classification and preserves personally identifiable information in the generated report, which can widen data exposure if the report is shared.

Missing User Warnings

Medium
Confidence: 85%
Finding: This code combines and classifies user identifiers from email, phone, and user_id, then uses them downstream in the output workbook without any consent gate, warning, or minimization. In a reporting skill handling usage logs, that increases the chance of accidental disclosure of PII to anyone receiving the generated Excel file.

VirusTotal

63/63 vendors flagged this skill as clean.
