B2b Saas Pricing Coach

Security checks across malware telemetry and agentic risk

Overview

This is a text-only B2B SaaS pricing coaching skill, with the main caution being to avoid sharing unnecessary confidential customer data.

Reasonable to install as a pricing-advice skill. Before using it with real account data, remove customer names and contract identifiers unless the environment is approved for confidential business data, and use aggregated cohorts, price bands, renewal windows, and health segments when that is enough.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill explicitly recommends collecting a full customer list, current prices, contract end dates, and expansion/contraction trends without any minimization, redaction, or confidentiality guidance. In real deployments, this can prompt users to expose sensitive commercial data, customer identifiers, and contractual information into the agent workflow, increasing the risk of unauthorized disclosure, overcollection, or retention of business-sensitive records.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal