Security audit

Win a Gold Medal in the WorldQuant Factor Challenge in One Week (AI-Assisted)

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed WorldQuant BRAIN research workflow that uses credentials, API calls, and local logs in ways that fit its stated purpose, with human confirmation before submissions.

Install only if you are comfortable giving the workflow access to your WorldQuant BRAIN account. Use a private machine or workspace, set credentials via environment variables, keep wq_workspace out of Git or synced public folders, and review each recommended submission before confirming it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill instructs use of environment variables, local file reads/writes, and network/API access, but it does not declare any permissions. Even though the stated use case is legitimate, undeclared capabilities weaken transparency and consent boundaries: an agent or user may invoke the skill without realizing it will access credentials, write workspace artifacts, and make external requests.

Missing User Warnings

Severity: Medium
Confidence: 83%
Finding: The skill instructs users to authenticate with HTTP Basic credentials loaded from environment variables, but provides no guidance on secure handling, scoping, or redaction of those secrets. In an AI-assisted workflow, that omission matters because users may expose credentials through logs, prompts, shell history, debug output, or generated code that prints environment state.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The skill recommends local caching of available operators/data fields and append-mode logging of simulation expressions, parameters, metrics, and dates, but does not warn about sensitive research artifacts or account-related data being written to disk. In this context, persistent local storage can leak proprietary strategies, API-derived metadata, or accidentally captured tokens/headers if the implementation is careless, increasing exposure on shared machines or synced folders.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.