Security audit

Ad Budget Governor

Security checks across malware telemetry and agentic risk

Overview

This skill is a small, disclosed local budget-checking helper that reads configured spend ledgers and writes its own cap state without network access or hidden behavior.

Before installing, configure LEDGER_PATHS narrowly to the intended ad-spend ledger files and make sure only trusted operators or workflows can call set_cap, since changing the cap changes what spend the governor will allow.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 84% confidence
Finding: The skill documentation describes reading multiple ledger JSON files and updating budget state, which implies file read/write behavior, but the manifest declares only a binary requirement and no corresponding permissions. This mismatch can cause the agent to run with broader implicit capabilities than reviewers expect, reducing transparency and weakening permission-based security controls.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal