Legacy

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is not malware, but it asks for or implies access to sensitive financial account data without clear limits or controls.

Install only if you are comfortable with a skill that discusses sensitive financial records. Do not provide bank, brokerage, billing, tax, session, or account credentials to it. Use manually selected, minimal, redacted information, and verify legal, tax, and investment outputs with qualified professionals.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Intent-Code Divergence

High

Confidence: 97% confidence
Finding: The skill is presented as a family inheritance and legal-planning tool, but the documented capabilities shift into investment analytics, transaction history, statement export, tax details, and near-real-time financial synchronization. This scope mismatch can mislead routing, user consent, and trust boundaries, causing the agent to invoke the skill for sensitive financial operations the user did not reasonably expect from the manifest.

Description-Behavior Mismatch

High

Confidence: 96% confidence
Finding: The documented behavior expands materially beyond inheritance/legal guidance into investment tracking, billing exports, tax details, and market-synced account activity. Hidden or under-declared expansion of financial scope is dangerous because it can enable access to highly sensitive financial data and actions under a misleading description, weakening user understanding and platform review controls.

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger examples are so generic that they could match many unrelated user requests, increasing the chance the skill is invoked outside its intended context. In a skill touching legal and financial topics, overbroad invocation is more dangerous because it may surface sensitive capabilities or misleading advice when the user did not intend to use this specific tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal