Back to skill

Security audit

Sector Scanner

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed A-share sector scanner that fetches public market data and optionally writes user-requested CSV reports, with no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Before installing, expect the skill to install pytdx, connect to external market-data servers, and write CSV files when export is requested. Use a dedicated virtual environment, review the output path before CSV export, and treat the generated rankings as informational market analysis rather than investment advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to create/use a Python virtual environment, install a package, access real-time market data over the network, and export CSV files, but it declares no permissions. That mismatch can cause the agent to perform file and network operations without explicit user or platform visibility, increasing the chance of unintended data access, package-install risk, or unauthorized writes.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases include broad, common financial-language terms such as '资金流向', '板块排名', and '哪些板块在涨', which may activate the skill in conversations where the user did not intend to run a networked scanner or generate files. In this skill's context, unintended activation is more concerning because execution can lead to external network access, package installation guidance, and optional file output.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.