A-Share Bull/Bear Debate (A 股多空辩论)

Security checks across malware telemetry and agentic risk

Overview

This stock-analysis skill is mostly aligned with its purpose, but it asks the agent to run an unverified proxy binary from /tmp and stop processes by broad name matching.

Review before installing. Only use this skill if you trust and can verify the mihomo binary and config it expects under /tmp, are comfortable sending stock data and prompts to BigModel GLM, and can tolerate a local proxy process being started and stopped. Avoid shared servers unless proxy handling is changed to use a verified binary, explicit user approval, exact PID tracking, and reliable cleanup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Session Persistence

Medium
Category: Rogue Agent
Content:
# Start the proxy (if not already running)
stock_start_proxy() {
    pgrep -f mihomo_bin > /dev/null && return
    nohup /tmp/mihomo_bin -f /tmp/mihomo_config.yaml -d /tmp/mihomo_data > /tmp/mihomo.log 2>&1 &
    sleep 2
    curl -s --connect-timeout 5 --proxy ${STOCK_PROXY:-http://127.0.0.1:7890} https://httpbin.org/ip | grep -q origin || echo "PROXY_DOWN"
}
Confidence: 93%
Finding: nohup

VirusTotal

65/65 vendors flagged this skill as clean.