Company Investment Research

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only investment research template with no code execution or credential access, though users should verify any financial conclusions before acting.

Safe to install from a security perspective. Treat generated investment ratings, target prices, and forecasts as research drafts, verify current data from reliable sources, and consult a qualified financial professional before making investment decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 77% confidence
Finding: The usage examples instruct the agent to "end with a clear BUY/HOLD/SELL view," and the same fixed English labels are repeated in the output template. While the file is bilingual overall, this still imposes a specific language/locale convention for the core recommendation terminology rather than offering user choice.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal