Security audit

Investment Advisory Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a coherent financial-advisory workflow skill, but it handles sensitive portfolio context and should be used only with explicit user consent and careful data controls.

Install only if you intend to use it for investment-advisory support. Invoke it explicitly, treat outputs as informational unless reviewed under appropriate professional controls, avoid sharing full identity or account numbers, and verify the referenced data/MCP integrations for credential scope, logging, retention, and where portfolio data is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 87%
Finding
The skill is triggered by broad, conversational phrases such as '最近 XX 怎么看' and '大跌了怎么办', which can cause accidental invocation in ordinary discussion rather than an explicit request for advisory automation. In a financial-advice context, mistaken activation is riskier than usual because it may lead the system to process portfolio-related context or generate investment recommendations without clear user intent.

Missing User Warnings

Medium
Confidence: 94%
Finding
The workflow advertises holdings review, rebalancing suggestions, and asset allocation, but the README does not state how sensitive financial data is handled or warn users about investment risk, suitability limits, and non-guaranteed outcomes. In this context, missing disclosure is materially dangerous because users may provide brokerage or portfolio data and rely on outputs as personalized financial advice without informed consent or proper safeguards.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill advertises very broad trigger phrases such as '最近 XX 怎么看', '这个事件有什么用', and '大跌了怎么办', which can match ordinary conversation and cause the advisory workflow to activate when the user did not explicitly request regulated-like financial guidance. In this context, over-triggering is riskier because the skill can invoke web/data/tooling and produce persuasive investment-adjacent recommendations, increasing the chance of unsolicited or inappropriate financial advice.

Missing User Warnings

Medium
Confidence: 93%
Finding
The prompt explicitly handles a distressed user asking whether to panic-sell during a market drop and instructs the agent to provide calming language plus behavior-correction, but it does not require any safety disclaimer, risk framing, or escalation for suitability. In an investment-advisory workflow, emotionally persuasive guidance given during acute stress can materially influence trading decisions, making the omission dangerous even if the intent is supportive rather than malicious.

Missing User Warnings

Medium
Confidence: 95%
Finding
These skill modules process sensitive financial and personal data such as customer name, risk level, holdings, gains/losses, fund details, and inferred emotional state, but the file provides no privacy notice, consent step, retention limits, or data-minimization guidance. In an investment-advisory workflow, this increases the risk of over-collection, unauthorized use, and disclosure of highly sensitive financial profile data.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.