Taobao Ad Placement Data Analysis

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended for local ad and finance analysis, but it can persist sensitive raw business data into desktop HTML reports without enough scoping or privacy guidance.

Install only if you are comfortable giving the skill access to a dedicated folder of advertising and financial exports. Use a narrow input directory, set a private output directory, and treat generated HTML/CSV reports as sensitive records; review or redact them before sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Severity: Low
Confidence: 86%
Finding
The file is labeled as a simple test, but it accesses and processes a real, user-specific dataset from a hard-coded absolute path under a personal Documents directory. This mismatch can mislead reviewers about the code's data access scope and increases the risk of unintended disclosure of local sensitive business data when the script is run in another environment.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The HTML report embeds raw data samples from all three DataFrames directly into the generated file, which can persist potentially sensitive business or financial information to disk without redaction, minimization, or any consent/warning mechanism. If the input data contains personal, financial, or confidential operational fields, the report can leak that information to anyone with filesystem access or through later sharing of the report.

VirusTotal

63/63 vendors flagged this skill as clean.
