Security audit

Finance Interview Generator

Security checks across malware telemetry and agentic risk

Overview

This is a simple finance interview question generator with no executable code, system access, credentials, or persistence.

Safe to install from a security perspective. Use it for finance interview preparation, and review generated questions for fairness, relevance, and employment-law compliance before using them in real hiring.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger keywords are broad enough to activate on generic recruiting or interview-related conversations, which can cause the agent to invoke this skill outside the user's intended context. While this is not a code-execution issue, it can lead to misrouting, irrelevant outputs, and unintended handling of HR-related prompts, reducing reliability and potentially exposing sensitive recruiting context to the wrong workflow.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal