选股专家

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only stock analysis skill with no code execution or data access, but users should treat its buy/sell labels as educational guidance rather than financial advice.

Install only if you want a stock-analysis framework. Verify all financial inputs independently, consider your own objectives and risk tolerance, and do not treat generated buy/sell labels as personalized professional financial advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill provides explicit investment recommendations such as '强烈买入' and '不买入' without a clear disclaimer that the output is informational only and not financial advice. In an investing context, users may over-rely on the model's output as personalized advice, increasing the risk of financial harm, regulatory exposure, and unsafe decision-making.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal