Back to skill

Security audit

AI驱动经济诊断:econ-progress-tracker 中国经济跟踪框架

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed economic-news analysis workflow with limited local snapshot storage and no executable code or malware signals.

Install if you want recurring Chinese economic tracking based on current web sources. Be aware it will browse external financial/news/statistics sites and keep dated local snapshots of its analyses, so avoid using it for private or sensitive research topics unless that history is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrases are broad enough that the skill could activate on generic requests about economic updates or framework-based analysis, causing unintended browsing and file-memory actions. In this skill, accidental activation is more concerning because the workflow explicitly mandates network access and persistent storage, increasing the chance of non-obvious side effects.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to write results into persistent memory files without notifying the user or obtaining consent. Even if the stored content is 'just analysis,' it can still contain sensitive user interests, research topics, or derived data, creating privacy and retention risks over time.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill requires collecting current financial news from multiple external sites but does not warn the user that network access will occur. This can surprise users, leak usage context through outbound requests, and fetch untrusted external content as part of the workflow.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.