Back to skill

Security audit

Reddit Stonks

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it analyzes public Reddit and market data with DeepSeek, but users should understand the external AI and finance-advice risks.

Install only if you are comfortable with public Reddit and Yahoo Finance data being processed by DeepSeek using your API key. Treat the output as educational, not financial advice, and prefer a pinned or locked dependency environment before running it somewhere sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill metadata declares runtime requirements but does not clearly declare or constrain effective capabilities, while the documented behavior requires network access, environment secret use, and likely local file writes during setup/runtime. This weakens the security boundary and informed-consent model, because a user or platform may invoke the skill without understanding that it can exfiltrate scraped content and stock data to external services using an API key.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger phrases are broad enough to match common investing questions such as 'what should I buy' or 'best stock this week,' which can cause the skill to activate in ordinary conversations without the user realizing a Reddit-scraping, third-party-AI workflow is being invoked. In this context, overbroad activation increases the chance of unexpected network access, external data sharing, and unvetted financial recommendations being surfaced as if they were routine assistant output.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The description does not clearly warn users that collected Reddit content and stock data are sent to Deepseek for external analysis, which creates a transparency and data-handling problem. Even if the scraped sources are public, users should be explicitly informed that content is transmitted to a third-party AI service, especially in a finance-related skill where outputs may influence consequential decisions.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The code sends aggregated Reddit-derived content and stock-context data to a third-party AI service without any visible disclosure, consent gate, or data minimization controls. Even if the scraped data is largely public, transmitting collected external content and derived analytics to another processor can create privacy, compliance, and user-expectation risks, especially in a web app that appears to perform analysis server-side without informing users.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The code sends aggregated Reddit-derived content and stock-context data to DeepSeek without an explicit, prior user-facing disclosure or consent step at the point of transmission. Even if the data is scraped from public sources, this is still third-party data sharing to an external AI provider and can create privacy, compliance, and user-expectation risks.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
app.py:23

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
stonks.py:24