Security audit
RIA — Client Behavior Coaching (Loss Aversion)
Security checks across malware telemetry and agentic risk
Overview
This is a text-only coaching skill for financial advisors that is coherent with its stated purpose and does not request code execution, credentials, persistence, or broad data access.
This appears safe to install as a text guidance skill. Because it concerns client investment behavior, users should treat it as coaching support rather than investment advice and ensure any recommendations remain consistent with the client’s plan, fiduciary obligations, and applicable compliance rules.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
