Equity Valuation Framework

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed equity valuation template that formats already-provided financial data and does not request hidden access, installation scripts, persistence, or credentials.

Safe to install as an advisory finance-analysis skill. Treat its outputs as research support, not personalized financial advice, and share portfolio or proprietary investment details only if you are comfortable using them in the agent session.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Low

Confidence: 88% confidence
Finding: The 'When to trigger' section uses broad phrases like 'is it cheap/expensive' and 'build an investment memo' without clear exclusion conditions or negative examples. In an investing assistant context, these could match a wide range of ordinary user questions, increasing the chance of unintended invocation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal