The Education of a Value Investor

Security checks across malware telemetry and agentic risk

Overview

This is a text-only investing education skill with no executable code, credential use, persistence, or hidden data access.

Install if you want book-framed value-investing education. Be aware it may activate on general investing or self-improvement language, and do not rely on it for personalized investment decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list includes broad generic terms such as "investing," "stock market," and "long-term thinking," which can cause the skill to activate in many unrelated contexts. This can lead to unintended routing, override more appropriate domain skills, and increase the chance that users receive book-specific investing guidance when they did not ask for it.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The invocation logic allows activation on any mention of broad concepts without contextual boundaries, making the skill susceptible to false-positive invocation. In a multi-skill environment, this can degrade reliability, confuse users, and crowd out more relevant skills by matching overly common financial or self-improvement language.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal