Back to skill

Security audit

Intelligent Stocks Screener

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Eastmoney-based financial screener that sends user-provided screening queries to an external API and saves CSV results locally.

Install only if you trust Eastmoney's service and have a revocable EM_API_KEY. Avoid putting confidential portfolio, client, or proprietary strategy details in queries, and set MX_STOCKS_SCREENER_OUTPUT_DIR if you need outputs confined to a specific folder.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation indicates access to an environment secret (`EM_API_KEY`), outbound network use (`httpx` to a remote API), and local file output (CSV and description files), but the skill does not declare explicit permissions for these capabilities. Undeclared capabilities reduce transparency and can weaken policy enforcement, making it easier for a skill to access secrets, exfiltrate data to a remote service, or write files without users understanding the operational risk.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The skill is described as accepting broad natural-language queries for asset screening without clear activation boundaries, allowed task types, or exclusion conditions. In an agent environment, overly broad triggering can cause the skill to be invoked in unintended contexts, sending sensitive user-provided content to an external financial service or generating unnecessary file outputs.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest description advertises very broad global asset screening, monitoring, portfolio construction, and backtesting from natural-language input, but does not constrain when the skill should be selected. This increases the chance of overbroad routing and unintended external transmission of user prompts or strategy information to the third-party API.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends the user's natural-language query and a generated user identifier to a remote Eastmoney endpoint without any explicit user-facing notice or consent step. Queries may contain sensitive investment intent or proprietary research criteria, so undisclosed transmission to a third party creates a privacy and data-governance risk in this skill context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.