WallstreetCN News (华尔街见闻新闻)

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a financial news helper with some usability and activation-scope caveats, but no evidence of hidden, destructive, credential-stealing, or persistence behavior was provided.

Install only if you want generic finance/news prompts to use this news-source workflow. When using it, specify the desired source, language, and output format if you do not want the default Chinese Markdown presentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 90% confidence
Finding
The skill description uses broad trigger terms such as 财经新闻、市场动态、金融资讯、股市行情、热文、头条、搜索文章, which can overlap with ordinary user requests and cause the skill to activate when the user did not explicitly ask for WallstreetCN content. In an agent system, this can route queries to an unintended external data source, reducing user control and increasing the chance of irrelevant or misleading responses.

Natural-Language Policy Violations

Medium, 84% confidence
Finding
The skill mandates a fixed Chinese Markdown output template and branding without providing a mechanism to honor the user's language or formatting preference. This can override user intent, degrade usability, and in multilingual environments cause incorrect or inaccessible responses, though it is not a direct security exploit in itself.

VirusTotal

66/66 vendors flagged this skill as clean.
