Breadth Chart Analyst

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only market chart analysis skill with no code or credential access, but users should treat its trading guidance cautiously.

Install only if you want an agent to analyze market breadth charts and produce structured trading-style reports. Review any saved report location before use, and treat buy, sell, position sizing, and timing language as educational technical analysis rather than personalized financial advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill instructs the agent to save analysis files using specific filenames, which implies a write-to-disk side effect without any user notice, consent, or confirmation step. In agent environments with filesystem tools, this can lead to unexpected persistence of potentially sensitive market analysis, cluttering shared workspaces or writing into inappropriate locations.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The template gives concrete trading actions, position sizing, and timing guidance while only including a generic disclaimer that it is not a recommendation to buy or sell securities. That does not clearly warn users to assess personal suitability or seek qualified financial advice before acting, which can lead users to treat the output as actionable investment advice despite the uncertainty and risk inherent in market analysis.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal