Back to skill

Security audit

Halo

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed A-share stock analysis workflow that fetches market data and writes reports, with no packaged executable code or hidden behavior found.

Install this if you want an agent to run a structured A-share analysis workflow and save local reports. Prefer invoking it explicitly with `/halo <code or name>` so data-fetching commands are intentional, and review any generated investment advice as informational rather than a trading instruction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The skill declares a broad trigger condition of analyzing any A-share stock request, which can overlap with ordinary conversational queries rather than an explicit tool invocation. In an agent setting, this increases the chance of unintended execution of local scripts and data-fetch workflows when the user did not clearly consent to activating the skill.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The examples show natural-language phrases like '分析600519' and '帮我看看亨通光电' as triggers without defining whether these are informational requests or actual execution commands. That ambiguity makes accidental skill invocation more likely, especially because the workflow includes shell commands and Python execution against external data sources.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.