Back to skill

Security audit

Construction Quote & Job Costing

Security checks across malware telemetry and agentic risk

Overview

The skill itself is a normal construction estimating guide, but its metadata advertises unrelated purchase and crypto capabilities that users should review before granting.

Install only if you are comfortable with the advertised capabilities. The content looks like a construction quote generator, but do not grant purchase, payment, or crypto authority unless the publisher explains why those permissions are required. Treat generated quotes as estimates and verify prices, regulations, tax/VAT, and contract terms before using them with clients.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.