Back to skill

Security audit

Supalytics - Web Analytics

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate analytics CLI skill, but its setup guidance asks for administrator-level system changes that users should review before installing.

Install only if you trust Supalytics and are comfortable with its CLI having access to your analytics account. Prefer adding ~/.bun/bin to PATH instead of using sudo symlinks, and only run site add/update/remove/default commands when you explicitly intend to change analytics configuration.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill is described as being for querying analytics data, but the documentation also includes site management actions such as creating, updating, setting defaults, and removing sites. In an agent context, this broadens the operational scope from read-only analytics access to state-changing actions, increasing the chance of unintended modifications if an agent follows the docs literally.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The documentation instructs the user or agent to run privileged system-wide symlink commands with sudo into /usr/local/bin. In an agent setting, this creates unnecessary host-level persistence and modifies global system state unrelated to the core task of querying analytics, which can be abused or can destabilize the environment.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill recommends sudo-based filesystem changes without warning about security or operational consequences. This is dangerous because agents or users may execute privileged commands reflexively, granting broader system access and creating persistent modifications for convenience rather than necessity.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.