Back to skill

Security audit

cashbook

Security checks across malware telemetry and agentic risk

Overview

This is a local personal bookkeeping skill whose file access and database changes match its stated purpose, with one documentation completeness issue around export support.

Install only if you are comfortable storing personal finance records in a local SQLite database on this machine. Confirm parsed entries before saving, use dry-run for CSV imports, and be aware that the advertised export command is missing in this version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
87% confidence
Finding
The skill advertises screenshot processing, natural-language bookkeeping, and export behavior that are not actually evidenced by the described command surface, creating a trust and safety gap between what users believe the skill does and what is implemented. Security-wise, description-behavior mismatch can cause users or orchestrators to grant broader trust, invoke unsupported flows, or mishandle sensitive financial data under false assumptions about confirmation, parsing, and storage behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.