Eastmoney Stock

Security checks across malware telemetry and agentic risk

Overview

This skill is a public stock-market lookup helper with transparency issues about data sources, but no evidence of credential access, persistence, destructive behavior, or account mutation.

Reasonable to install for informational stock quotes and rankings. Treat results as market-data convenience, not financial advice, and be aware that stock symbols may be sent to Sina Finance and Eastmoney; important prices or rankings should be verified with a trusted source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 82%
Finding: The skill appears to require network access to fetch stock data, but no permissions are declared. Undeclared network capability reduces transparency and weakens enforcement or review controls, making it easier for the skill to access external resources without explicit user or platform awareness. In a finance-related skill, hidden outbound access increases the risk of unexpected data flows and supply-chain dependence on remote services.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 88%
Finding: The documented behavior says the skill queries Eastmoney stock data, but the implementation reportedly also uses Sina Finance and supports additional sector/board ranking features not disclosed in the description. This mismatch is dangerous because reviewers and users may trust the skill under false assumptions about its data sources and scope, which can hide third-party dependencies, broaden data exposure, and undermine informed consent. In a market-data skill, source integrity matters because undisclosed providers can affect reliability, policy compliance, and auditing.

Intent-Code Divergence

Severity: Medium
Confidence: 92%
Finding: The code and documentation explicitly use Sina Finance while the skill is presented as an Eastmoney data source, creating a provenance/integrity mismatch. In an agent setting, this can mislead users, downstream tooling, or compliance controls about where market data originates, which is dangerous when source trust, licensing, or behavioral expectations differ by provider.

Description-Behavior Mismatch

Severity: High
Confidence: 97%
Finding: The skill advertises Eastmoney but actually sends requests to hq.sinajs.cn, which is a direct source-substitution issue. This undermines transparency and trust boundaries: users or orchestrators may rely on Eastmoney-specific data quality, legal terms, network allowlists, or auditing assumptions, yet the skill contacts a different external service without disclosure.

Vague Triggers

Severity: Medium
Confidence: 76%
Finding: The invocation guidance is broad enough to trigger on general finance questions like 'A股今天怎么样?' ("How is the A-share market doing today?"), which may cause the skill to activate outside narrowly intended stock-quote requests. Overbroad activation can lead to unnecessary network calls, confusing responses, or unintended disclosure of external data usage, especially when users did not explicitly request this skill. The context makes this somewhat risky because financial topics are broad and common, so accidental invocation is plausible.

VirusTotal

65/65 vendors flagged this skill as clean.