Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
backtrader>=1.9.0 matplotlib>=3.0.0
- Confidence
- 92% confidence
- Finding
- backtrader>=1.9.0
backtrader
Security checks across malware telemetry and agentic risk
Overview
This is a coherent Backtrader documentation and demo skill with ordinary Python dependencies and no hidden execution, credential access, or data exfiltration behavior found.
Install in a virtual environment, consider pinning dependency versions for reproducible work, and keep strategies in backtest or paper-trading mode unless you deliberately configure and approve live brokerage access.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
backtrader>=1.9.0 matplotlib>=3.0.0
- Confidence
- 92% confidence
- Finding
- matplotlib>=3.0.0
VirusTotal
52/52 vendors flagged this skill as clean.