A-Stock Reporter

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed A-share market reporting tool with optional scheduled reports, but its financial data scope and routing should be checked carefully.

Install dependencies in an isolated Python environment, enable cron only if you want recurring reports, and remove the cron entry when done. Treat all output as informational market data, not investment advice, and verify A-share scope because one bundled sector list contains an out-of-scope ticker.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 96% confidence
Finding: The skill metadata explicitly says it is not for 港股, yet the 科技 sector components include stock code 00700, which is Tencent and a Hong Kong-listed security. This creates a scope-integrity problem: downstream logic may return out-of-scope market data, produce misleading A-share reports, or trigger incorrect analysis based on mixed universes.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The activation keywords include broad terms like '市场报告' and '每日研报', which can match many general finance-related requests outside the intended A-share-only scope. This can cause incorrect skill routing, unintentional invocation, or application to unsupported assets, increasing the chance of misleading outputs or unsafe downstream actions based on irrelevant financial data.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal