Delaware Franchise Tax

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a legitimate Delaware tax-filing guide, but it includes under-scoped automation guidance for a live government filing portal, including CAPTCHA image extraction.

Use this primarily as a calculation checklist and filing guide. Before installing or using automation, understand that it may drive a live government filing portal; keep CAPTCHA solving, final review, submission, and all payment details manual, and avoid connecting broad banking or cloud-storage access unless strictly needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The notes explicitly recommend programmatically fetching CAPTCHA image bytes as a fallback during automation, which facilitates automated CAPTCHA handling on a government filing portal. Even if not paired with OCR here, this materially lowers the barrier to bypassing an anti-automation control and could enable scripted filing attempts or abuse of the portal. In this skill context, the risk is elevated because the target is a live Delaware state filing system handling official submissions and payments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal