Back to skill

Security audit

Custom Morning Brief

Security checks across malware telemetry and agentic risk

Overview

This is a daily market-briefing skill, but it can automatically read portfolio data and send it to a hard-coded Feishu recipient without clear user control.

Review before installing. Only use this skill if you control the Feishu recipient, are comfortable with USER.md portfolio data being included in scheduled messages, and can add explicit opt-in, recipient configuration, and preview or confirmation before any outbound send. Treat the trading suggestions as informational, not financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The manifest description is vague and trigger-word centric, while the body defines a concrete system that automatically gathers market data, reads holdings from USER.md, and sends a generated report to a fixed Feishu recipient. This mismatch reduces informed consent and can conceal sensitive behavior from users and reviewers, increasing the risk of unnoticed data handling and message delivery.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger words include extremely common terms such as 'search', 'skill', '优化', '数据', and 'data', making accidental invocation likely during ordinary conversation. In this skill's context, unintended activation is more dangerous because the documented behavior includes automated collection of holdings-related information and outbound messaging to Feishu, which could cause unauthorized disclosure or actions without clear user intent.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill documents automatic sending of generated reports and portfolio-related data to a Feishu private message target, but it does not provide a clear user-facing warning or consent mechanism. Because the content may include holdings from USER.md and market analysis, the lack of disclosure materially increases the chance of sensitive financial information being transmitted off-platform without informed approval.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.