Back to skill

Security audit

Trend Demand Forecaster

Security checks across malware telemetry and agentic risk

Overview

This is a simple demand-planning helper with no hidden automation or credential use, though some examples blur its stated no-live-data boundary.

Install only if you want heuristic demand-planning support from notes or data you provide. Treat references to Google Trends, 5118, Baidu Index, 1688, Taobao, Pinduoduo, or similar tools as optional outside research inputs; this skill does not itself fetch live market data or make purchasing decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The skill documentation explicitly says it 'does not pull live sales, ads, weather, ERP, marketplace, or competitor data' and instructs not to claim access to live systems or external trend feeds. However, Scenario 4's expected output directs use of live tools and platforms such as 5118, 巨量算数, 百度指数, 1688, 淘宝/拼多多, which contradicts the stated non-live, heuristic-only operation of the skill.

Intent-Code Divergence

Low
Confidence
88% confidence
Finding
The overview and safety sections say the skill relies on user-provided context and should not claim access to live systems or external trend feeds. Yet the Q4 apparel example says the expected output quantifies a trend signal with 'Google Trends/search-volume data proxy,' which implies use of external trend data inconsistent with the skill's stated operating model.

Natural-Language Policy Violations

Low
Confidence
87% confidence
Finding
The README presents the skill primarily in Chinese, including the title, core description, and example outputs, without stating that users can choose their preferred language. This can be a natural-language policy issue when a skill appears to enforce a locale or language by default rather than offering an explicit option.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The file is primarily written in English, but Scenario 4 switches to Chinese and presents the interaction/output in that language without stating that the skill is China-market-specific or that language choice is user-driven. This can violate language/locale policy by implicitly forcing a specific language or locale behavior without opt-in.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.