Security audit

Endowment Effect

Security checks across malware telemetry and agentic risk

Overview

This is a text-only behavioral economics coaching skill with no code execution or data access, though users should apply its free-trial and personalization advice ethically.

Install only if you want behavioral-economics guidance for negotiation, pricing, or product design. When using its SaaS trial or personalization suggestions, require clear user consent, easy data deletion/export, salient renewal terms, and cancellation that is no harder than signup.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill explicitly recommends using free trials, personalization, and data import to increase user attachment and willingness-to-pay, which can encourage manipulative product design without sufficient privacy, consent, or data-minimization guardrails. Although it later mentions an ethical check and FTC click-to-cancel risk, the operational guidance still normalizes behavioral manipulation and collection/use of user data as a retention lever.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.