Tender Offer Arbitrage Scanner

Security checks across malware telemetry and agentic risk

Overview

This is a coherent financial research skill that browses public sources and saves a local report, with no evidence of hidden or harmful behavior.

Install only if you want an agent to browse public financial sources and create a local research report. Verify all SEC terms, current prices, deadlines, and broker tender-offer procedures independently, and check the `results/` folder before rerunning to avoid overwriting prior reports.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 83% confidence
Finding: The skill directs the agent to write a file to disk without any explicit user notice or consent step. While the target path appears limited and not overtly dangerous, undisclosed filesystem writes can surprise users, create unwanted artifacts, and normalize silent side effects that become riskier if the skill is reused in more privileged environments.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal