A Stock Trading Assistant

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed A-share market-data and trading-analysis assistant; it does not request brokerage credentials, execute trades, or add hidden persistence.

Install only if you want an A-share-focused assistant. Do not provide brokerage credentials or treat its suggestions as guaranteed investment advice. Be aware it may write local watchlist notes for alerts and makes outbound requests to public finance data providers.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger description is broad enough to activate on nearly any A-share-related request, which can cause the skill to intercept queries outside the user's exact intent and steer the assistant into finance-specific behavior too aggressively. In a trading context, over-broad activation is more dangerous because it can produce unsolicited market or trading guidance, increasing the chance of inappropriate financial advice or incorrect tool use.

Natural-Language Policy Violations

Medium

Confidence: 82% confidence
Finding: The skill hard-codes a China A-share scope and Chinese-language/locale framing without asking the user for language or regional preference. While not directly enabling code execution or data exfiltration, this can override user expectations, reduce clarity for non-Chinese-speaking users, and increase the risk of misunderstood or misapplied financial guidance.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal