Hutian Opc Business Model

Security checks across malware telemetry and agentic risk

Overview

The skill's instructions are coherent for business-plan analysis, but the HTML report it generates loads JavaScript from a remote CDN at view time. That script runs in the viewer's browser with full access to the report's contents, so whoever controls the CDN or the package controls what happens to the data in the report.

Install only if you accept that opening a generated report in a browser may load third-party JavaScript. For confidential business plans, use the PNG output instead, or modify the skill to bundle ECharts locally and to HTML-escape every report field before any generated HTML is opened.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Severity: Medium
Confidence: 90%
Finding
The skill simultaneously forbids fabrication and permits 'reasonable inference' when product-line data is missing, creating a contradictory instruction set. In a decision-support context for business plans, this can cause the agent to present speculative classifications as analysis, potentially misleading investment, strategy, or compliance decisions with unverified content.

Description-Behavior Mismatch

Severity: Medium
Confidence: 90%
Finding
The HTML report emits a remote script tag that loads ECharts from jsDelivr, creating an external network dependency in a tool that otherwise does only local file processing. If the CDN is unavailable or blocked, the report fails to render; if the CDN or the published package is compromised, attacker-controlled JavaScript executes in the viewer's browser with access to everything in the report, and the tag carries no Subresource Integrity attribute that would let the browser reject a modified file.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal