Ai Prompt Arsenal

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only prompt library with no executable behavior, though users should treat the crypto and trading prompts cautiously.

Install only if you want a broad AI prompt template pack. Review the crypto research and trading-bot prompts before use, add your own risk disclaimers and verification steps, and do not treat generated crypto or trading output as personalized financial advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill description is very broad and includes many loosely related domains such as content creation, crypto research, business automation, and code generation. In agent environments that use description-based routing, this can cause the skill to be invoked for unrelated user requests, increasing the chance of inappropriate prompt injection exposure, poor task selection, or unintended handling of sensitive tasks.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The crypto research prompt explicitly asks for an investment thesis while also instructing that no financial advice disclaimer is required. This can encourage the model to produce authoritative-seeming investment guidance without risk framing, which is especially problematic in a prompt library intended for reuse at scale in crypto and NFT contexts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal