backtest-expert

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill that gives backtesting methodology guidance and does not request code execution, credentials, private files, persistence, or trading account access.

Installing this skill should mainly add structured backtesting guidance. Review the external setup link before following it, and treat the trading content as educational methodology rather than financial advice; do not provide broker credentials or private datasets unless a future version clearly explains why they are needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Low

Confidence: 81% confidence
Finding: The README says the skill is applicable when a user asks about backtesting, strategy validation, robustness testing, or systematic trading development, but it does not define clear trigger boundaries or exclusions. This makes invocation scope somewhat open-ended for a markdown file, especially around broad phrases like 'systematic trading development' that could overlap with general discussion.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal