Back to skill

Security audit

AR & DSO Discipline — Get Paid Faster

Security checks across malware telemetry and agentic risk

Overview

This is a plain-text business guidance skill for improving invoice collections, with no code or requested system access.

This skill is reasonable to install as business-process guidance. Use it when receivables and late invoice payment are actually relevant, and review suggestions like late fees, work stops, credit holds, or changed payment terms against your contracts, customer relationships, and applicable law before applying them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The activation description uses broad, everyday phrases such as 'cash is tight' and 'clients don't pay on time,' which can match many normal business conversations beyond the intended receivables-management context. In an autonomous agent system, this increases the chance of unintended skill invocation, causing the agent to apply AR/collections guidance when it is not appropriate or requested.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.