Back to skill

Security audit

Einstein Research — Options Strategy Advisor

Security checks across malware telemetry and agentic risk

Overview

This options-analysis skill is a read-only financial calculator that discloses its market-data use and does not control accounts or place trades.

Install only if you are comfortable with ticker symbols and related strategy queries being used for external market-data lookups, likely through FMP. Treat its output as educational modeling, verify prices and option quotes with your broker or official sources, and do not provide brokerage credentials or rely on it as personalized financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill declares no available tools or permissions, yet its workflow explicitly instructs running a Python script that fetches market data over the network. This creates a transparency and governance gap: operators and users may believe the skill is offline-only while it actually performs external data access, which can bypass review controls and violate least-privilege expectations.

Tp4

High
Category
MCP Tool Poisoning
Confidence
89% confidence
Finding
The stated description emphasizes analysis and simulation, but the implementation behavior includes live data retrieval from external Financial Modeling Prep endpoints. That mismatch is dangerous because it conceals external dependencies and data flows from reviewers and users, increasing the chance of unauthorized network access, policy violations, or trust decisions based on incomplete documentation.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill describes fetching historical or other market data from external sources without a clear warning that user-supplied tickers, dates, and strategy context may trigger outbound requests. While the data is not highly sensitive in most cases, the lack of disclosure undermines informed consent and can expose usage patterns or proprietary trading research interests to third-party services.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.