Black Scholes

Security checks across malware telemetry and agentic risk

Overview

This appears low risk to install, but the supplied scan suggests it may be a poor or generic finance reference rather than a true Black-Scholes helper.

Install risk appears low from an agent-security perspective, but do not rely on this skill for option pricing, Greeks, trading, compliance, or financial decisions unless you verify the content against authoritative quantitative finance sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 94% confidence
Finding: The skill advertises itself as a Black-Scholes reference tool, but the documented commands suggest largely generic finance/compliance content rather than focused Black-Scholes formulas, Greeks, assumptions, or pricing guidance. This can mislead an agent into selecting the skill for quantitative finance tasks and then receiving irrelevant or low-quality output, creating integrity and decision-support risk in financial workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal