A股交易助手 stock bitsoul

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed finance-calculation skill that may use a token-backed market data API, with only a mild risk of activating too broadly in general finance conversations.

Install this only if you want an agent to calculate stock or portfolio performance using a BitSoul token. Keep the token private and scoped where possible, and consider adding stricter trigger rules or confirmation when a request is vague.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrases are broad everyday finance utterances, so the skill can activate when a user is only casually discussing returns rather than explicitly requesting this tool. In an agent setting, this can cause unintended data access, unnecessary network calls using BITSOUL_TOKEN, and incorrect tool selection that overrides user intent.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill defines when it should trigger but does not define meaningful boundaries for when it must not trigger, leaving routing behavior ambiguous. This increases the chance of accidental invocation, especially because the skill can fetch external market data and produce authoritative-looking financial analysis without explicit user consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal