Security audit
Bytesagain Charts
Security checks across malware telemetry and agentic risk
Overview
This charting skill appears local and purpose-aligned, but it needs review because it silently keeps chart history and can generate HTML/SVG files with unsanitized user-provided text.
Review before installing if your charts may contain sensitive business data. Use it only with trusted CSV/JSON or pasted labels when generating HTML/SVG, and check or clear the local chart-generator history if chart titles or filenames should not persist on disk.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.