量化交易知识

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only quant trading reference skill, but users should not treat its stock suggestions as professional financial advice.

Install only if you want educational quant-trading guidance. Verify all market data independently, consider the examples hypothetical, and do not rely on the skill as personalized investment advice or as a substitute for a licensed financial professional.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly offers buy/sell recommendations and position-sizing guidance without any disclaimer that the content is informational only, nor any warning about market volatility, suitability, or potential losses. In a trading skill, this can lead users to over-rely on model-generated recommendations as personalized financial advice, increasing the risk of harmful financial decisions.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The response template operationalizes concrete trading actions by prescribing entry price ranges, stop-loss levels, target prices, and portfolio allocation percentages without any financial-risk warning or suitability check. This makes the skill more dangerous than generic education content because it standardizes actionable instructions that a user could immediately follow in live markets.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal