
Security audit

Portfolio Risk Allocation Reviewer

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only portfolio review helper with no executable code or hidden data access, though its broad auto-invocation wording could make it appear in loosely related finance conversations.

Install only if you want a general portfolio allocation and risk-review helper. Avoid sharing account credentials or unnecessary personal financial details, and treat outputs as decision support rather than professional financial, tax, or legal advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are generic and include broad business terms plus a direct invocation pattern, which increases the chance the skill is activated for loosely related requests. In a financial-analysis context, unintended invocation can route users into portfolio guidance workflows when they did not explicitly request them, creating workflow confusion and elevating the risk of inappropriate or overconfident financial assistance.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases are very broad and include generic business and portfolio terms, which can cause the skill to activate in contexts the user did not clearly intend. Overbroad activation creates prompt-routing risk: unrelated financial queries, sensitive investment discussions, or adjacent operations requests may be captured by this skill and produce unsuitable or overly confident guidance.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The manifest description uses broad activation language such as general business-and-operations and implementation-support phrasing that could cause the skill to match many unrelated financial or operational requests. Overbroad routing can incorrectly invoke this skill in contexts involving sensitive financial guidance, leading to irrelevant or misleading analysis and increasing the chance of unsafe task capture by the wrong skill.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger keywords include ambiguous terms like risk review and investment policy without scope boundaries, which can match a wide range of unrelated or higher-stakes financial tasks. This weakens skill isolation and can cause unintended activation for requests outside the intended brokerage-export portfolio review workflow.

Vague Triggers

Low
Confidence
78% confidence
Finding
The example trigger sentences are malformed and overly generic, so they do not provide clear, bounded activation patterns for the router or user. While not directly exploitable like code execution, poor trigger examples contribute to misrouting and make broad invocation behavior more likely.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The manifest description uses broad business and finance terms plus a long 'validated demand' statement, which can cause the skill to match ordinary portfolio or operations requests that may not actually need this specific workflow. Overbroad trigger scope increases the chance of inappropriate activation, context hijacking, or accidental routing of sensitive financial discussions into a generic skill path.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The keyword trigger list includes generic phrases like 'business-and-operations' and common finance terms that are likely to appear in many ordinary conversations. This creates trigger collisions and may invoke the skill when the user did not intend portfolio-allocation review, increasing the risk of misrouting, irrelevant instructions, and overcollection of sensitive brokerage-related context.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The default prompt and skill description use very broad trigger terms such as business-and-operations, portfolio allocation, risk review, workflow, artifact, checklist, analysis, and implementation support. Combined with allow_implicit_invocation=true, this creates a real risk that the skill is activated in contexts the user did not specifically intend, which can route sensitive financial discussions into this skill unexpectedly and cause over-collection or inappropriate handling of brokerage-related data.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger sentences are broad enough to match many ordinary finance or workflow requests, which can cause the skill to activate outside its intended scope. Over-broad activation is dangerous because it can silently steer users into this skill's framing, crowd out more appropriate tools, and increase the chance of unintended processing of sensitive financial data.

VirusTotal

63/63 vendors flagged this skill as clean.
