Security audit

Stock Analysis

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed A-share stock analysis tool that fetches market/news data and uses a configured LLM, with no evidence of hidden persistence, exfiltration, or destructive behavior.

Install only if you are comfortable sending stock queries, retrieved news content, and analysis prompts to your configured LLM and any enabled search/data providers. Use dedicated API keys, avoid confidential research terms in prompts, and prefer a locked dependency environment for production use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (10)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly documents sending news/search content and full article bodies to external search engines and an LLM, but it does not provide a clear user-facing privacy notice, consent step, or data-handling boundary. In a finance-analysis workflow, user prompts may contain sensitive watchlists, trading interests, or proprietary research context, so undisclosed transmission to third parties creates a real privacy and compliance risk.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The search method sends the raw user query to a third-party endpoint over the network, which can expose potentially sensitive user input to an external service. While this appears to be normal product functionality rather than malicious behavior, it is still a privacy and data-handling risk when users are not clearly informed or when queries may contain confidential terms.

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.0.0 efinance>=0.5.0 akshare>=1.10.0 numpy>=1.24.0
Confidence: 97% confidence
Finding: openai>=1.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.0.0 efinance>=0.5.0 akshare>=1.10.0 numpy>=1.24.0 pandas>=2.0.0
Confidence: 97% confidence
Finding: efinance>=0.5.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.0.0 efinance>=0.5.0 akshare>=1.10.0 numpy>=1.24.0 pandas>=2.0.0 httpx>=0.25.0
Confidence: 97% confidence
Finding: akshare>=1.10.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.0.0 efinance>=0.5.0 akshare>=1.10.0 numpy>=1.24.0 pandas>=2.0.0 httpx>=0.25.0 requests>=2.28.0
Confidence: 98% confidence
Finding: numpy>=1.24.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: efinance>=0.5.0 akshare>=1.10.0 numpy>=1.24.0 pandas>=2.0.0 httpx>=0.25.0 requests>=2.28.0 python-dotenv>=1.0.0
Confidence: 97% confidence
Finding: pandas>=2.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: akshare>=1.10.0 numpy>=1.24.0 pandas>=2.0.0 httpx>=0.25.0 requests>=2.28.0 python-dotenv>=1.0.0
Confidence: 98% confidence
Finding: httpx>=0.25.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: numpy>=1.24.0 pandas>=2.0.0 httpx>=0.25.0 requests>=2.28.0 python-dotenv>=1.0.0
Confidence: 98% confidence
Finding: requests>=2.28.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pandas>=2.0.0 httpx>=0.25.0 requests>=2.28.0 python-dotenv>=1.0.0
Confidence: 95% confidence
Finding: python-dotenv>=1.0.0

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal