Back to skill

Security audit

Profit Margin Calculator

Security checks across malware telemetry and agentic risk

Overview

This is a simple ecommerce margin-calculation skill with no hidden access, persistence, credential use, or external data flow in the artifacts.

Installers should treat this as a lightweight business-calculation aid. Share only the sales and cost numbers needed, confirm whether you want gross, contribution, or net margin, ask the agent to respond in your preferred language if needed, and review any generated Python script before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The skill content is written entirely in Chinese and directs the interaction flow in Chinese without offering a language choice or documenting a locale-specific requirement. This can exclude users, cause misunderstanding of financial calculations, and increase the chance that users rely on outputs they did not fully understand, especially in a profitability-analysis workflow where terminology such as gross, contribution, and net margin must be interpreted precisely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.