Document Ingestion

Security checks across malware telemetry and agentic risk

Overview

This accounting document-ingestion skill is purpose-aligned and transparent, though users should understand that live QuickBooks account lookup may involve sensitive accounting metadata.

Install only where handling client accounting records is appropriate. Use --no-qbo-coa for offline processing, and enable live QBO lookup only after confirming the correct QuickBooks account, credentials, and client consent. Review the generated exceptions and import CSV before importing anything into QBO.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly states it fetches the live QuickBooks Online Chart of Accounts for categorization, but it does not clearly warn the user that this involves accessing/transmitting potentially sensitive accounting metadata to an external SaaS environment. In an accounting workflow, hidden or unclear data transfer expectations can create privacy, consent, and compliance risk, especially when processing client financial records.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal