Security audit

Option Calculator

Security checks across malware telemetry and agentic risk

Overview

This option calculator mostly matches its purpose, but it needs review because crafted inputs can make it run local code and it automatically stores pricing history.

Review before installing. Use only trusted, manually typed numeric inputs, and assume price calculations may be stored in $HOME/.option-calculator/history.log. The maintainer should validate numeric arguments safely, pass values to Python without source interpolation, fix or remove the documented directory override, and make history logging opt-in with clear delete and disable controls.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (7)

Description-Behavior Mismatch

Medium

Confidence: 88% confidence
Finding: The skill persists pricing command history to a local file, which creates a data-retention surface not implied by the main purpose of a calculator. Even if the data seems low sensitivity, command history can reveal trading interests, strategies, or user inputs and may be readable by other local processes or users depending on filesystem permissions.

Context-Inappropriate Capability

Medium

Confidence: 84% confidence
Finding: Local command-history logging is not necessary for core pricing functionality and therefore expands the skill's data-handling behavior beyond what users may reasonably expect. Unnecessary persistence increases privacy and forensic exposure, especially on shared systems or environments where home directories are backed up or monitored.

Description-Behavior Mismatch

Medium

Confidence: 98% confidence
Finding: The script creates a persistent data directory under the user's home directory, establishing undeclared local storage for a tool whose stated purpose is transient option calculations. In this skill context, persistence is not necessary for core functionality and increases privacy risk because user inputs and derived trading-related data may be retained longer than expected.

Description-Behavior Mismatch

Medium

Confidence: 99% confidence
Finding: The price command appends user-supplied parameters and computed results to a history log in plain text without user consent or notice. Even though the data is financial rather than system-secret material, it can reveal trading interests, strategies, or proprietary analysis inputs and creates an unnecessary persistence channel.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill states that it automatically creates a directory and appends command history to disk, but it does not present this as a prominent privacy warning or consent point. Persistent logs can accumulate potentially sensitive financial-analysis activity and may surprise users who expect a terminal calculator to be stateless.

Missing User Warnings

Low

Confidence: 96% confidence
Finding: The script writes pricing inputs to persistent history but does not warn users in the header or help output, so users are likely to assume calculations are ephemeral. The missing disclosure makes the persistence behavior more dangerous because it defeats informed consent and can lead to accidental exposure on shared systems.

Ssd 3

Medium

Confidence: 98% confidence
Finding: Command arguments and results are logged in plain text to a predictable file under the user's home directory, making them recoverable by anyone with access to that account or backups. In a finance-related calculator, such logs can expose sensitive research, position planning, and pricing assumptions even if no credential material is present.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.