Security audit

CoolTrade 股票行情与分析大师 (Stock Quotes and Analysis Master)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent CoolTrade finance integration, but it needs review because it can create/delete persistent alerts and handles the CoolTrade API key in URL-based requests without clear confirmation controls.

Install only if you trust CoolTrade with your financial queries and API key. Use a limited, rotatable key if possible, review agent actions before creating or deleting alerts, and avoid enabling automatic alert changes unless you are comfortable with WeChat/Telegram notifications being configured from chat requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (81% confidence)
Finding
The trigger examples for generating a daily A-share report are broad conversational phrases, which can cause the skill to activate in contexts where the user did not explicitly intend to invoke this capability. In an agent environment, ambiguous triggers can lead to unintended external API calls, report generation, or scheduled/push workflows being initiated from casual conversation.

Vague Triggers

Low (75% confidence)
Finding
The alert-list query examples are vague and do not clearly constrain which alerts, accounts, or channels should be in scope. In a multi-user or multi-channel context, ambiguous phrasing can increase the risk of exposing monitoring metadata or causing the agent to retrieve or act on a broader set of alerts than the user intended.

Missing User Warnings

Medium (95% confidence)
Finding
The alert management skills can create and delete user-specific alerts, which are account-affecting actions, yet the skill descriptions do not require explicit confirmation or warn the user that state will be modified on their CoolTrade account. This creates a real risk of unintended actions being triggered from ambiguous natural-language requests, especially because these operations are exposed as simple GET endpoints and may be auto-invoked by an agent.

Vague Triggers

Low (84% confidence)
Finding
The daily report skill says to call it for broad phrases like daily report, market summary, or today's market recap, which overlap with common financial discussion and can cause the agent to invoke the tool when the user only wants a conversational summary. This is an overbroad trigger problem that can lead to unnecessary third-party requests and unintended disclosure of user interest to the external service.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.