Funding Trend Forecaster

Security checks across malware telemetry and agentic risk

Overview

This is not malware, but it presents mock-data forecasts as real grant-trend analysis, so users could be misled by its reports.

Treat this as a prototype or demo, not a reliable funding-intelligence tool. Do not use its forecasts, growth rankings, or INVEST recommendations for funding, business, or research decisions unless real source ingestion and clear provenance labeling are added. Install only in an isolated Python environment and choose output paths carefully.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 91%
Finding
The documented purpose claims NLP-based forecasting on real NIH/NSF/Horizon data, but the analyzed behavior indicates simulated datasets, speculative heuristics, and recommendation generation instead. This is dangerous because users may make funding or investment decisions based on fabricated or misleading outputs while believing they are grounded in real external data and substantive analysis.

Description-Behavior Mismatch

High
Confidence: 98%
Finding
The skill advertises analysis of real NIH, NSF, and Horizon Europe grant abstracts, but the main execution path always generates synthetic mock data instead of ingesting those sources. This is a security-relevant integrity issue because downstream users or agents may trust fabricated results as if they were evidence-based, enabling deceptive reporting, bad decisions, or misuse in automated pipelines.

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The forecast includes hard-coded long-term predictions that are not derived from the analyzed corpus, while presenting them in the same report as analysis-driven outputs. This creates a provenance and trust problem: speculative assertions can be mistaken for model-backed conclusions and mislead users into acting on unsupported claims.

Intent-Code Divergence

Medium
Confidence: 85%
Finding
The code generates explicit 'INVEST' recommendations from simplistic topic-growth heuristics even though the skill is framed as a grant-funding trend forecaster, not a financial advisory tool. In an agent setting, this can inappropriately escalate informational analysis into actionable financial advice without safeguards, validation, or domain controls.

Missing User Warnings

Medium
Confidence: 83%
Finding
The skill advertises external data collection and report/file generation without clearly warning users before network access or filesystem writes occur. In an agent setting, undisclosed outbound requests and file creation can surprise users, violate policy expectations, and increase the risk of unintended data exposure or modification of workspace contents.

VirusTotal

65/65 vendors flagged this skill as clean.
