Charts

Security checks across malware telemetry and agentic risk

Overview

This charting skill is mostly coherent, but it tells the agent to send generated chart files to a fixed Telegram recipient without clear user confirmation.

Review before installing. Use it only if you are comfortable with market-data requests to Yahoo Finance/CoinGecko, verify the local crypto_charts.py file first, and remove or change the hardcoded Telegram command unless you specifically want charts sent to that recipient.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger guidance is broad enough to activate on ordinary requests like generic charting or market-analysis prompts, which can cause the agent to run this skill without clear user intent. Because the skill performs network data fetches and can generate/send artifacts, overbroad invocation increases the chance of unintended external requests and accidental disclosure of user activity or analysis targets.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The instructions direct the agent to fetch data from Yahoo Finance and CoinGecko but do not warn that executing the skill sends external network requests. This can violate user expectations or privacy requirements, especially when the user did not explicitly consent to contacting third-party providers or when the queried asset/timing itself is sensitive.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal