InvestToday Finance Data

Security checks across malware telemetry and agentic risk

Overview

This is a coherent finance-data skill with no hidden executable files, but users should handle the API key carefully and treat trading or research outputs as informational only.

Install only if you trust the InvestToday API provider and need Chinese financial-market data. Use the interactive init flow or another protected secret path for the API key, avoid --skip-verify unless you understand why it is needed, and independently verify any research, forecast, or trading-signal output before making financial decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (12)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The example `remark` content is clearly unrelated to a fund subscription/redemption status API and instead describes a product-release change in a non-financial system. This kind of semantic mismatch can indicate contaminated documentation, bad data lineage, or accidental exposure of internal business text, which may mislead downstream agents and leak unrelated operational context.

Intent-Code Divergence

Medium

Confidence: 94% confidence
Finding: The output examples for `objectName` and related fields show a system object unrelated to fund transaction status, suggesting cross-domain data leakage or documentation contamination. In an agent skill, this can cause incorrect tool use, unsafe assumptions about returned data, and inadvertent disclosure of internal system concepts not needed for the documented finance workflow.

Intent-Code Divergence

Medium

Confidence: 97% confidence
Finding: The example value for `backgroundDesc` is clearly inconsistent with a fund-manager information API and instead contains a detailed bank-customer/credit narrative. This indicates sensitive real-world business and personal profile text may have been inserted into documentation or sample payloads, creating a risk of privacy leakage, data contamination, and downstream misuse by consumers who treat examples as valid schema content.

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: The arbitration-cases section contains sample output fields and example values that do not match the endpoint’s stated purpose of listed-company litigation/arbitration data, such as generic customer-service and project-delivery text. This can mislead downstream agents or users into trusting semantically incorrect data mappings, causing flawed legal-risk analysis or incorrect automated reasoning based on mislabeled fields.

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: This duplicated arbitration-cases section repeats inconsistent example output that mixes unrelated business/customer text into legal-risk fields. Repetition increases the chance that agents trained or prompted from this document will propagate incorrect interpretations, undermining reliability of compliance or risk assessments.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill documentation explicitly shows non-interactive initialization using `--api-key "<API_KEY>"` and `--skip-verify` without warning that command-line secrets can be exposed via shell history, process listings, logs, or shared terminal transcripts. In an agent skill context, examples are often copied verbatim, so this can normalize unsafe credential handling and increase the chance of API key leakage.

Natural-Language Policy Violations

High

Confidence: 99% confidence
Finding: The natural-language example exposes sensitive personal and business details such as VIP customer status, industry, annual revenue, credit history, and prior loan amounts, none of which belong in a fund-manager reference. Because this skill is designed for structured financial data retrieval, such leakage is especially dangerous: examples may be scraped, reused in prompts, indexed in search, or normalized into datasets, causing unauthorized disclosure and possible compliance violations.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: This section presents investment-risk analysis as support for 'decision support' without any visible warning that outputs are informational, uncertain, and not a substitute for independent financial judgment. In a finance skill, omission of such guardrails can materially increase the chance that users over-trust model-mediated outputs and make harmful financial decisions based on incomplete or stale information.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The fundamentals section explicitly frames the endpoint as suitable for deep financial analysis and investment-value assessment, but gives no disclaimer about uncertainty, non-advisory use, or verification requirements. In this skill context, that increases the risk of users interpreting generated summaries as authoritative investment advice despite model and data limitations.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The prospects section includes forward-looking forecasts and performance projections but lacks any warning about predictive uncertainty, model error, or scenario sensitivity. Because forecasts are especially prone to overconfidence and misuse, the missing caution is more dangerous in a finance-analysis skill than in a generic informational context.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: This section promotes investment themes and investment value without cautioning that thematic interpretation can be speculative and should not drive financial decisions on its own. Given the skill’s stated use for stock and research analysis, the lack of user-facing risk language materially raises the chance of unsafe reliance on potentially biased or incomplete outputs.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: This documentation exposes explicit trading-signal style outputs such as buy/sell dates, buy/sell prices, take-profit, stop-loss, returns, and position sizing, but does not include any warning that the information is informational only and should not be treated as personalized investment advice. In a finance-data skill, that omission increases the likelihood that downstream agents or users will operationalize the signals as actionable recommendations, creating compliance, suitability, and user-harm risk.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal