Back to skill

Security audit

Trading Coach

Security checks across malware telemetry and agentic risk

Overview

This trading-analysis skill appears purpose-aligned, but it asks users to run mutable external code on sensitive brokerage data, so it needs careful review before use.

Review the referenced GitHub repository and dependencies before running anything, prefer a virtual environment or container, and use copied CSVs with account numbers and unnecessary personal details removed. Do not provide API keys unless you understand which external services will receive requests, and treat the generated scores and suggestions as informational rather than financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list includes broad, natural-language phrases such as '帮我复盘' and '分析我的交易', which can cause the skill to activate in situations where the user did not clearly intend to invoke this specific capability. In a skill that processes sensitive financial trading data, overbroad activation increases the chance of unintended routing, unnecessary exposure of user-provided CSVs, or inappropriate financial-analysis behavior in adjacent conversations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.