Security audit

Perspective Transform Visualizer

Security checks across malware telemetry and agentic risk

Overview

The visualizer mostly matches its stated purpose, but the packaged local page automatically loads an unrelated third-party visitor-counter script despite being presented as offline-capable.

Review before installing. The visualizer itself is scoped and does not request secrets or elevated privileges, but the local page is not fully offline because it loads a third-party visitor counter. Remove or disable the busuanzi script before use if you want a local-only tool.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (6)

Description-Behavior Mismatch

Medium

Confidence: 87% confidence
Finding: The skill expands from a local/offline tool to directing users to a hosted external website, which changes the trust boundary and data exposure model. Without prominent consent and privacy disclosure, user-supplied parameters, referrer information, and access metadata may be exposed to a third-party service unexpectedly.

Description-Behavior Mismatch

Medium

Confidence: 97% confidence
Finding: The page includes an unrelated third-party visitor counter script even though the skill is described as a local visualization/debugging tool. This expands the trust boundary, enables external code execution in the page context, and may leak usage metadata to a third party without necessity.

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: Loading the external statistics service gives the skill outbound network access that is unnecessary for a teaching/demo visualization. Even if only intended for page-view counting, it allows data transmission and dependency on remote infrastructure that can change behavior or become malicious later.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill instructs editing a local HTML file and launching a browser without clearly warning the user first. Unexpected file modification and process launching can violate user expectations, overwrite prior local state, and create opportunities for accidental misuse in broader automation contexts.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The remote-device workflow sends users to an online URL without an explicit warning that parameters may be transmitted to a remote website. This is dangerous because users may assume the tool is offline/local and unknowingly disclose transformation inputs or related metadata to a third party.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The external visitor counter likely sends page-visit information to a third party without any visible disclosure or consent flow. In a simple educational visualization, undisclosed telemetry is a privacy and transparency issue and creates avoidable exposure for users.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.