Back to skill

Security audit

Personal Finance Beancount

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Beancount analysis skill, but it handles sensitive financial records and gives finance/dashboard guidance without enough privacy and safety boundaries.

Review this skill carefully before installing. Use it only with ledger files you are comfortable exposing to your agent environment, prefer redacted snippets over full ledgers when possible, and do not paste third-party Fava dashboard scripts unless you trust and understand them. Treat any financial, tax, debt, or investment recommendations as general information, not professional advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly encourages reading uploaded Beancount files and analyzing personal financial records, but it provides no instruction to warn users that these files may contain highly sensitive data such as account names, payees, balances, income, and transaction history. In a finance-focused skill, this omission increases privacy risk because users may overshare confidential data without being prompted to redact or minimize what they upload.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
This documentation shows dashboard `script` blocks that execute JavaScript in the Fava dashboard context, including access to query results, helper functions, and browser APIs such as `window.open`, but it does not clearly warn that these are active code execution hooks rather than passive configuration. In a skill intended to help users build finance dashboards, that omission increases the chance a user will paste or adapt untrusted dashboard code, leading to client-side script execution, data exposure, or unsafe actions in the browser context.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This document provides specific financial, tax, budgeting, debt, and investment guidance without a clear user-facing disclaimer that it is general educational content rather than personalized professional advice. In the context of a personal-finance advisor skill, users are likely to rely on these recommendations as individualized guidance, which can lead to harmful financial decisions, unsuitable investment allocation, or tax mistakes if their circumstances differ from the assumptions in the guide.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.