Super Trend Analysis

Security checks across malware telemetry and agentic risk

Overview

This skill locally analyzes user-selected stock CSV files and writes reports, with only minor documentation gaps around chart output and generated CSV files.

Install only if you are comfortable running local Python scripts on stock CSV files and saving generated reports/indicator CSVs. Use a virtual environment, point batch mode only at intended folders, and treat the trading suggestions as informational analysis rather than financial advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 88% confidence
Finding: The documented behavior does not match the reported implementation: it allegedly supports broader batch directory scanning, exports additional CSV artifacts, and does not actually generate promised charts. This mismatch can mislead users and operators about what the skill will access and produce, which is dangerous because hidden scope expansion increases the chance of unintended data exposure or overbroad filesystem processing.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal