Stock Valuation using Aswath Damodaran methodologies
Security checks across malware telemetry and agentic risk
Overview
This is a coherent setup and troubleshooting guide for a local stock valuation app, with the main Docker, API key, and prompt-dump risks disclosed.
Before installing, inspect the cloned StockValuation.io repository and Docker Compose file, keep secrets in a local .env file, provide only the API keys needed for your workflow, avoid prompt dumping for sensitive work, and use Docker volume deletion only when you intentionally want to erase local state.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.