Advisory Council

Security checks across malware telemetry and agentic risk

Overview

This appears to be a market-analysis helper that runs a local script, with no artifact-backed evidence of theft, persistence, or destructive behavior.

Install only if you are comfortable with a skill that may execute a local Python market-analysis script. Review the script before use if available, and ask for confirmation before running analyses that could incur API costs or influence financial decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill recommends triggering expensive, external-command execution for broad, natural-language requests such as general market questions or routine workflows. This can cause unintended runs, unnecessary API usage, and execution of a live script without clear user confirmation, which is risky because the skill explicitly instructs the agent to execute shell commands and trust the script's real output.

Natural-Language Policy Violations

Low
Confidence: 82%
Finding
The instruction to report results to 'Boss Man' imposes a specific address style without user opt-in, which can lead to unprofessional or inappropriate interactions and social-engineering-style conditioning. In this skill, that concern is slightly elevated because the document also contains imperative language pushing real command execution, making the tone-control instruction part of a broader pattern of agent steering.

VirusTotal

66/66 vendors flagged this skill as clean.
