Insurance & Actuarial Engine

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a coherent insurance-analysis helper, but users should treat any underwriting, claims, health, or financial inputs as sensitive regulated data.

Before installing or using this skill, confirm that any underwriting, claims, medical, financial, or policy data is authorized for use in your environment. Redact or minimize sensitive fields where possible and follow your organization’s privacy, retention, and compliance requirements.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: This skill explicitly targets underwriting, medical underwriting, claims processing, fraud detection, and policy comparison, all of which commonly involve highly sensitive personal, financial, and health-related data. The description advertises broad data ingestion and analysis capabilities but provides no warnings, handling constraints, or privacy/security guidance, increasing the risk that users will submit regulated data without appropriate safeguards or minimization.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal