ClawHub

Tyche — Habit & Goal Tracker

Security checks across malware telemetry and agentic risk

Overview

This invoice helper appears to run locally and do what it says, but it creates a local report containing sensitive client and billing details.

Install only if you are comfortable with a local Markdown report being created in your working directory. Keep invoice CSVs and generated reports out of shared or synced folders unless intended, review the pip install step before running it, and treat any Tyche Pro/Ko-fi upgrade as separate third-party content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The skill claims it 'runs entirely locally' and that no data is transmitted, but the documented install and upgrade flow requires fetching packages from pip and linking to external commercial add-ons. That statement is misleading security documentation: users may lower their guard and trust the package despite network-dependent installation and an upsell path to third-party content.

Description-Behavior Mismatch

Low
Confidence
84% confidence
Finding
The skill writes a Markdown report to disk containing client names, emails, amounts, due dates, and invoice text, but the high-level description emphasizes invoice generation and reminders without clearly disclosing persistent storage. This can expose sensitive billing data to other local users, backups, sync tools, or later accidental sharing.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill silently creates a local report file with detailed client and invoice data, yet the markdown description does not warn users about this side effect. In a finance/billing context, this is more sensitive than generic output because it contains customer identities, emails, payment status, and amounts, which may be confidential business information.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal