Back to skill

Security audit

marcus-investment-analyst

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed stock-analysis and backtesting tool, but users should treat its recommendations cautiously and understand it can update local market-data files.

Install only if you are comfortable running local Python scripts for A-share stock analysis. Back up any existing /root/data stock databases before running the indicator updater, review the scripts and dependencies first, and treat backtest results and portfolio suggestions as informational rather than reliable investment advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill instructs the agent to run local Python scripts and update indicator data, which implies file-write capability, yet no permissions are declared. This creates a transparency and least-privilege problem: an operator may invoke the skill without realizing it can modify local files or databases under /root paths.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example invocation phrases are broad natural-language requests such as '有什么投资建议?', which can overlap with normal conversation and accidentally trigger the skill when a user is speaking generally rather than explicitly invoking it. In an investment-advice context, unintended activation is more sensitive because it can cause unsolicited financial guidance, analysis, or downstream data access without clear user intent.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger phrases include very common requests such as stock analysis, backtesting, and investment advice, which can match ordinary user prompts too broadly. Over-broad triggering can cause unintended skill activation, leading the agent to execute local scripts or access sensitive financial data paths when the user did not explicitly request this skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.