A股智投大师

Security checks across malware telemetry and agentic risk

Overview

This is a coherent A-share stock-analysis skill that uses disclosed Eastmoney APIs, with watchlist and alert features users should confirm before changing.

Before installing, review the auto-installed companion skills, use only the intended Eastmoney API key, and tell the agent to confirm the exact stock and action before changing watchlists or creating monitoring alerts. Treat all analysis as informational, not financial advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 81% confidence
Finding: The keyword list includes broad terms such as '投资', '理财', and especially '副业', which can match common conversational requests beyond the intended stock-analysis scope. Overbroad triggers can cause unintended invocation, exposing financial context, causing surprising tool use, or routing users into a skill that may access external services and account-linked data.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill exposes a state-changing self-select management API that can add or delete watchlist entries based on a free-form query, but the code contains no confirmation gate, dry-run mode, or explicit user-consent check before performing the action. In an agent setting, ambiguous or prompt-injected instructions could trigger unintended portfolio/watchlist modifications, making this more dangerous than a normal read-only market data tool.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal