Back to skill

Security audit

Bank Regulatory Reporting

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable banking-reporting skill, but it is under-scoped for sensitive financial data and includes credit-policy guidance beyond its stated reporting purpose.

Review before installing. Use only in an approved banking/compliance environment, avoid providing real customer or transaction data unless authorized and minimized, require human compliance review before any filing, and do not rely on the appended credit-policy sections for underwriting, lending approvals, or operational credit decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The appended 'Dianjin' sections materially expand the skill from regulatory reporting into credit-policy analysis, industry risk rule generation, and business adjustment guidance. That scope expansion can cause the agent to engage in higher-risk lending and credit decision support outside the declared purpose, increasing the chance of unsafe, noncompliant, or unauthorized advice in a regulated banking context.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README markets automated generation of highly sensitive banking regulatory, AML, and compliance reports from raw data, but provides no warning or handling guidance for customer, transaction, sanctions, or supervisory data. In this context, omission of privacy, access-control, retention, and validation safeguards can lead users to process regulated financial data insecurely, increasing risk of data leakage, compliance breaches, and misuse of AML-related information.

Vague Triggers

Medium
Confidence
86% confidence
Finding
Several triggers such as '合规报告', '数据报送', and '监管合规报告' are broad enough to activate this skill for many generic compliance or reporting requests unrelated to banking regulatory submissions. Overbroad activation can route users into an inapplicable workflow, causing inappropriate collection or generation of regulated content and increasing the chance of erroneous compliance guidance.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are broad, generic regulatory-reporting terms that can match many normal banking or compliance conversations, causing the skill to activate when the user did not explicitly request it. In a sensitive financial/compliance context, unintended invocation increases the chance of inappropriate data capture, misleading guidance, or overreach into regulated workflows.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.