A 股市场日报

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public A-share market data from Eastmoney to print a market report, with no evidence of credential access, persistence, or data mutation.

Install only if you are comfortable with the skill making public HTTP requests to Eastmoney and installing the Python requests package. Treat the report as reference market information, not investment advice; verify important financial conclusions elsewhere.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill documentation clearly instructs use of external Eastmoney HTTP endpoints, so the skill has effective network capability while not declaring permissions. Hidden or undeclared network access reduces transparency and can bypass user or platform expectations about outbound data flows, even if the current purpose appears limited to market data retrieval.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 83% confidence
Finding: A description-behavior mismatch is a real trust and governance issue because users may invoke the skill expecting only a simple daily market summary while the underlying implementation apparently also retrieves additional stock-screening data such as historical/20-day/60-day new highs. Unexpected data collection or functionality expands the attack surface and can conceal behavior that users did not consent to or reviewers did not assess.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal