Back to skill

Security audit

gold-investment

Security checks across malware telemetry and agentic risk

Overview

This gold-market analysis skill appears purpose-aligned, with the main caution that user queries are sent to Tavily for live search.

Install only if you are comfortable using Tavily for live gold-market searches. Avoid putting private financial details in search prompts, and treat any investment analysis as informational rather than personalized financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description enumerates very broad trigger topics such as gold price, trends, investment, analysis, news, and technical analysis, which can match many ordinary finance-related user requests and cause unintended invocation. This increases the chance the agent routes users into this skill when they did not explicitly ask for it, potentially exposing external-search behavior and producing investment-oriented responses beyond the user's intent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The example invocations like asking to analyze gold or whether gold is worth buying are phrased broadly and overlap with common conversational requests, which can train or bias routing toward over-invocation. In a skill that can fetch external data and give investment-style guidance, ambiguous examples make accidental activation more likely and can lead to unwanted financial recommendations.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends both the user's gold-related query and the Tavily API key to an external third-party service. While this is expected for a search integration, there is no explicit disclosure, consent, or minimization of user-provided content before transmission, creating a privacy and data-handling risk if users assume analysis is local.

External Transmission

Medium
Category
Data Exfiltration
Content
include_raw_content: false,
  };

  const resp = await fetch("https://api.tavily.com/search", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
Confidence
86% confidence
Finding
fetch("https://api.tavily.com/search", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
include_raw_content: false,
  };

  const resp = await fetch("https://api.tavily.com/search", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
Confidence
86% confidence
Finding
https://api.tavily.com/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.