G2量化交易策略

Security checks across malware telemetry and agentic risk

Overview

This stock-trading skill is mostly coherent, but it asks for unrelated wallet/signing capability and contains under-scoped trading/data behaviors that users should review before installing.

Review before installing. Do not grant wallet or transaction-signing permissions unless the publisher clearly explains why a stock-analysis skill needs them and you can approve each action. Run only the included stock_analysis_v5.py in an isolated workspace first, treat the backtest claims as unverified financial marketing, and back up any OpenClaw finance database before using save or workflow features.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The configuration contains contradictory execution rules: elsewhere it states stop-loss/take-profit decisions should use closing prices only, but the monitoring section says some sell triggers should execute immediately or in real time. In an automated or semi-automated trading agent, this ambiguity can cause inconsistent behavior, unexpected premature liquidation, or bypass of intended risk controls depending on which rule the implementation follows.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal