Security audit

Investment Committee

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed investment-analysis workflow that fetches market data, produces Chinese reports, and may post or save those reports, but it does not show hidden credential use, trading authority, or malicious behavior.

Install only if you are comfortable with AI-generated investment reports that may be posted to the current Discord channel and saved in workspace history. Use private channels for personal holdings, review or delete archived reports as needed, and independently verify market data and recommendations before acting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill invokes a Python script to fetch live market data from an external source, which is a network-capable action, but no permissions are declared. Undeclared network access weakens user consent and platform policy enforcement, especially in a finance-oriented skill where users may assume purely analytical behavior.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The workflow includes sending the generated report to the current Discord channel and archiving it to workspace history, but the top-level description only promises analysis output. This creates an undisclosed data egress and retention path that could expose sensitive portfolio positions, profit/loss status, or investment intentions to third parties or future readers.

Missing User Warnings

High
Confidence
98% confidence
Finding
The instruction to send reports to the current Discord channel introduces external transmission of potentially sensitive financial information without any user warning or consent. In an investing context, holdings, position sizing, and trade intentions are especially sensitive and could lead to privacy harm or unwanted disclosure if posted to a shared channel.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Archiving reports to workspace history creates persistent storage of sensitive investment data without user-facing notice. Even if storage is local to the workspace, retained reports can later be accessed, reused, or leaked beyond the user's expectation of a transient advisory interaction.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
The file is entirely authored in Chinese and defines mandatory report structure and wording without offering a language fallback or documenting that the skill is Chinese-only. This can exclude users who cannot read Chinese, cause misunderstanding of financial recommendations, and reduce the user's ability to verify risk disclosures and position guidance.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.