Bank Reconciliation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent accounting workflow skill, but it handles sensitive bank and QuickBooks data and leaves local files behind.

Install only if you trust the local bank-reconciliation pipeline and QBO client it tells you to run. Use least-privilege QuickBooks access where possible, confirm the client slug before running, and store generated workbooks and .cache files only in approved, private, access-controlled locations rather than a shared or synced Desktop.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: This is a true vulnerability in the skill documentation and operational design: the skill explicitly writes reconciliation workbooks to the user's Desktop and stores per-client reconciliation state in a local cache, but it does not warn that these artifacts contain sensitive financial data such as bank activity, balances, outstanding checks, and potentially client identifiers. In an accounting context, local plaintext storage on shared workstations, unmanaged laptops, synced Desktop folders, or developer machines increases the risk of unauthorized disclosure, accidental retention, and audit/privacy issues.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal