ClawHub

QuickTaxReturn — AI Tax Preparation

Security checks across malware telemetry and agentic risk

Overview

This tax-prep skill is not malware, but it asks users to handle highly sensitive tax information and its privacy and CPA handoff safeguards are under-scoped.

Install only if you are comfortable using this chat environment for tax information. Do not enter full SSNs, bank account numbers, IRS IP PINs, or prior-year AGI unless truly necessary, and review/redact any intake package before sharing it with a CPA through a secure channel.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The document claims QuickTaxReturn is "not storing or transmitting your tax data," yet it also instructs the agent to generate an intake package populated with all collected taxpayer data for a CPA handoff. That creates a misleading privacy representation and can cause unauthorized disclosure or user consent issues because users may share sensitive tax data under false assumptions about how it will be handled.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill directs the agent to collect highly sensitive tax data in chat, including full legal names, dates of birth, dependent details, financial form contents, and other personal tax attributes, while only warning not to request SSNs. In a chat-based environment, this creates substantial privacy and data-exposure risk because users may disclose enough information for identity theft, account takeover, or sensitive profiling if logs, transcripts, or downstream systems are accessed or mishandled.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The referral workflow tells the agent to populate an intake template with all collected tax data, but it does not require a privacy warning, data-minimization, or informed consent regarding sensitive financial and identity information. In a tax-preparation context, this is especially risky because the collected data may include SSNs, income records, and other highly sensitive personal information that should not be repackaged for third-party sharing without clear authorization and handling safeguards.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The template explicitly instructs the agent to present a completed intake package containing highly sensitive tax data, but it does not require any privacy warning, redaction, or secure-delivery guidance. In a tax context, bundling SSNs, dates of birth, addresses, income records, and bank details into a single user-facing document increases the chance of accidental exposure, shoulder-surfing, insecure storage, or copying into unsafe channels.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This file presents detailed tax rules and calculation guidance in an authoritative tone ('verified from primary IRS sources') without a clear disclaimer that it is informational only and may not cover taxpayer-specific facts, later IRS corrections, or final form instructions. In a tax-preparation context, users may reasonably rely on it as determinative guidance, creating a material risk of incorrect filings, penalties, or missed credits if any rule is stale, incomplete, or misapplied.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document instructs users to extract and confirm values from forms such as W-2s, 1099s, SSA-1099s, and 1098-E, which commonly contain highly sensitive personal and financial data, but it provides no privacy or data-minimization warning. In an agent workflow, this can encourage over-collection or unsafe handling of tax documents and identifiers, increasing the chance of unnecessary exposure of personal data.

Ssd 3

High
Confidence
96% confidence
Finding
The skill directs the agent to aggregate all session-collected taxpayer data into a single handoff document and present it to the user, including identifiers and banking information later defined in the template. Centralizing full tax identity data, financial account details, and authentication values in one output creates a high-value target for data leakage through chat history, logging, screenshots, or downstream integrations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal