Back to skill

Security audit

Token Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill only reports current conversation token and cost metrics, with a minor chance of being invoked more broadly than intended.

This is reasonable to install if you want token and cost summaries. Be aware it may speak up on broad cost or usage wording, or after longer tasks, so users who only want on-demand reports may prefer to narrow the trigger wording.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger examples include very generic terms like "cost" and "usage," which can cause the skill to activate in unrelated conversations. This is a scope/quality weakness rather than a direct exploit primitive, but it can lead to inappropriate invocation, confusing responses, and accidental disclosure of session metrics when the user did not actually request them.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Triggering automatically at the end of any "long or complex" conversation lacks clear boundaries and exclusion conditions, which can cause unsolicited reporting of session statistics. In context, this is not highly dangerous because the skill only reports conversation-usage metadata, but it still creates an avoidable risk of unexpected behavior and minor privacy leakage.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.