Finance Customer Service Hub

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a finance customer-service guidance skill, with no evidence of malware or hidden execution, but its activation wording should be used carefully in sensitive banking contexts.

Install only for banking or securities customer-service drafting and support workflows. Configure narrower activation triggers, confirm the user's language, and route real account-specific, authenticated, or sensitive customer matters through approved secure channels.

SkillSpector (2)

By NVIDIA

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger terms are very broad and map to generic financial-service concepts, so the skill may activate in many ordinary finance-related conversations where the user did not intend to invoke this specialized workflow. In a financial domain, unintended activation can misroute users, inject domain-specific guidance unexpectedly, and increase the chance of inappropriate or non-compliant assistance.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: Marking Chinese triggers as preferred creates a locale bias that may cause the skill to steer interactions into Chinese or prioritize Chinese-language activation without explicit user choice. In a regulated financial-support context, this can degrade user understanding, create consent and accessibility issues, and increase the risk of miscommunication about important service information.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal