太几何交易

Security checks across malware telemetry and agentic risk

Overview

This skill shows no signs of malware, but it can present placeholder or thinly supported stock analysis as actionable trading guidance, and it asks users to store API keys in a local config file.

Review before installing. Use the core no-LLM script if you do not want external model calls, avoid committing config.py after adding API keys, and treat all scores and buy/sell suggestions as research prompts only, especially because some auxiliary analysis may be default or weakly sourced rather than true financial analysis.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium, 95% confidence
Finding
The skill advertises integrated fundamental, sentiment, and AI-based analysis, but this code returns hard-coded placeholder scores and canned rationales instead of performing those analyses. In a stock-trading context, this can mislead users into believing investment recommendations are data-driven when they are not, creating integrity and trust risks that may influence financial decisions.

Intent-Code Divergence

Medium, 94% confidence
Finding
The code claims to perform AI prediction analysis but actually assigns a fixed score and generic factors, which is a deceptive mismatch between stated behavior and actual behavior. In a financial-analysis skill, falsely presenting deterministic placeholder output as AI-driven insight can cause users to over-trust the recommendation and make unsuitable trades.

Vague Triggers

Medium, 80% confidence
Finding
The trigger description covers broad classes of stock prediction, scoring, and trading-analysis requests without clear boundaries, making over-activation likely. In a trading context, unintended invocation is riskier because the skill may influence financial decisions or initiate external data access when the user did not explicitly request this specific methodology.

Missing User Warnings

Medium, 92% confidence
Finding
The skill tells users to place API tokens directly into a local Python config file, but provides no warning about secret storage, source control exposure, file permissions, or rotation. This creates a realistic path for credential leakage through repository commits, backups, logs, or shared workspaces, which could enable unauthorized API usage and downstream account compromise.

Missing User Warnings

Medium, 91% confidence
Finding
The script transmits stock identifiers, recent price history, and technical-analysis context to third-party LLM APIs without explicit just-in-time user notice or consent. In a trading-analysis skill, users may reasonably expect local computation, so silent external transmission increases privacy, compliance, and data-handling risk, especially when providers are configurable and may be nonstandard.

VirusTotal

66/66 vendors flagged this skill as clean.
