Back to skill

Security audit

Invest Analyzer

Security checks across malware telemetry and agentic risk

Overview

This stock-analysis skill is instruction-only and its web search, PDF download, and valuation workflow are disclosed and fit its stated purpose.

Install only if you are comfortable with the agent searching the web, downloading public filings, parsing PDFs, and using any configured Baidu search key. Protect the key file with restrictive permissions, review the referenced search/browser/PDF skills separately, and treat investment conclusions as research to verify against official filings before acting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation phrase is extremely broad: telling users to simply say '帮我分析[股票代码/名称]' can overlap with ordinary conversation and may cause the skill to trigger unintentionally. In agent ecosystems, overly generic triggers increase the chance of accidental execution on unrelated user input, which can lead to unintended tool use, network access, or misleading autonomous behavior.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill includes very generic trigger phrases such as '帮我分析腾讯控股' and similar stock-analysis requests that closely resemble normal conversation. In an agent environment, this can cause the skill to activate unintentionally, steering unrelated financial discussions into this workflow and causing unwanted tool use, external data access, or overconfident investment-style outputs without explicit user intent.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The skill is entirely written in Chinese and provides no indication that the agent should adapt to the user's preferred language. This can cause the agent to respond in an unintended locale, reducing usability and potentially causing misunderstanding of investment screening criteria or outputs.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.