Back to skill

Security audit

Roi Incremental Tracking

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrowly scoped ROI tracker that writes local report files and runs a dashboard script, with no evidence of hidden data access, exfiltration, persistence, or destructive behavior.

Reasonable to install if you want local ROI tracking. Before use, check whether reports/roi already contains data you care about, ask the agent to avoid overwrites or make backups, and verify the dashboard script exists and is the expected skill-provided file before allowing it to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill directs the agent to create and overwrite files under `<workspace>/reports/roi/` (`config.json`, CSVs, copied script, regenerated `index.html`) without any explicit confirmation or warning that existing local data may be modified. In an agent setting, silent filesystem writes can lead to unintended data loss, stale reports being overwritten, or user surprise, even if the target path is narrowly scoped and the purpose is legitimate.

Missing User Warnings

Low
Confidence
93% confidence
Finding
The closeout instructions tell the agent to run `python3 <workspace>/reports/roi/render_roi_report.py` but do not explicitly disclose to the user that local code will be executed. Even though the script is expected to be copied from the skill, executing code in the workspace increases risk because the file could be modified, replaced, or simply perform unexpected local actions without informed user consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.