Back to skill

Security audit

Benbenjiucai Perspective

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed investment-persona roleplay skill with strong warnings and no executable or hidden data behavior.

Install only if you intentionally want a simulated investment-commentary persona. Do not treat its outputs as licensed financial advice or as a basis for trades, and only enable quantitative mode if you are comfortable configuring the Tushare proxy credentials it references.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger rules are intentionally expansive and include vague natural-language phrases like switching to the persona by casual mention, which can cause the skill to activate when the user did not clearly request it. In a financial-advice-adjacent skill, unintended activation matters because it can silently replace normal assistant safeguards and push the conversation into persuasive investment-roleplay with reduced user awareness.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The instruction to show the disclaimer only on first activation reduces persistent risk communication during an ongoing conversation that may include concrete trading analysis. Because the skill is designed to emulate a confident investor persona, suppressing repeated warnings can make users forget they are receiving simulated, non-licensed financial guidance and increase reliance on risky outputs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.