A-Share Stock Data API

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent stock-data API helper, but it handles API credentials in avoidably risky ways that users should review before installing.

Install only if you are comfortable with this skill contacting the documented market-data API. Prefer passing any API key through the X-API-Key header instead of URL parameters, and avoid relying on the bundled default token because it is public in the skill code and may be revoked, abused, or tied to someone else’s quota.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding
The examples encourage passing API credentials in the URL query string, which can leak through browser history, proxy logs, server access logs, analytics tooling, referrer headers, and shared screenshots or shell history. Because the token grants access to the API, disclosure could allow unauthorized use, quota theft, or data access under the victim's account.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The script embeds a default API token in source code and automatically sends it on outbound requests, which exposes a credential to anyone with access to the skill code and encourages credential reuse. In a distributed skill/plugin context, hardcoded secrets are especially risky because they can be harvested, abused against the backend API, and are difficult to rotate once published.
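The two findings above describe one weak pattern (a bundled default token silently appended to the request URL) and the overview recommends one fix (a user-supplied key sent in the X-API-Key header). The following is an added worked example, not the skill's own code: it puts the risky request builder beside a hardened one, refuses to fall back to the bundled default, and includes two pre-flight checks a reviewer can run, one that flags credential-looking query parameters in a URL (and redacts them before logging) and one that flags token-like string literals in source. The endpoint URL, environment variable name, parameter names and token value are constructed placeholders; only the X-API-Key header name comes from this page.

```python
"""Safe vs. risky handling of a market-data API key (added example, not the skill's code)."""
import os
import re
from typing import Mapping, Optional
from urllib.parse import urlencode, urlsplit, urlunsplit, parse_qsl

BASE_URL = "https://api.example.invalid/v1"   # hypothetical endpoint, not the real API
KEY_ENV_VAR = "ASHARE_API_KEY"                # hypothetical environment variable name

# The pattern finding 2 describes: a default token embedded in source. Constructed value.
DEFAULT_TOKEN = "pub_0123456789abcdef"


def risky_request(symbol: str, token: str = DEFAULT_TOKEN) -> tuple[str, dict]:
    """Finding 1 pattern: the key rides in the query string, so it lands in browser
    history, proxy and server access logs, referrer headers and shell history."""
    query = urlencode({"symbol": symbol, "token": token})
    return f"{BASE_URL}/quote?{query}", {}


def load_api_key(env: Optional[Mapping[str, str]] = None) -> str:
    """Take the key from the environment only; never fall back to the bundled default."""
    env = os.environ if env is None else env
    key = env.get(KEY_ENV_VAR, "").strip()
    if not key:
        raise RuntimeError(f"set {KEY_ENV_VAR}; no bundled default token is used")
    if key == DEFAULT_TOKEN:
        raise RuntimeError("refusing to use the publicly known default token")
    return key


def safe_request(symbol: str, env: Optional[Mapping[str, str]] = None) -> tuple[str, dict]:
    """Hardened form: the key travels only in the X-API-Key header; the URL has no credential."""
    query = urlencode({"symbol": symbol})
    headers = {"X-API-Key": load_api_key(env)}
    return f"{BASE_URL}/quote?{query}", headers


# Query parameter names commonly used for credentials (constructed list for the check).
CREDENTIAL_PARAMS = {"token", "api_key", "apikey", "key", "access_token", "secret"}


def credential_params_in_url(url: str) -> list[str]:
    """Pre-flight check: names of query parameters that look like credentials."""
    params = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return [name for name, _ in params if name.lower() in CREDENTIAL_PARAMS]


def redact_url(url: str) -> str:
    """Mask credential-looking query values before a URL is logged or pasted anywhere."""
    parts = urlsplit(url)
    query = [(name, "REDACTED" if name.lower() in CREDENTIAL_PARAMS else value)
             for name, value in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))


# A string literal of 16+ token-ish characters assigned to a token/key/secret-like name.
HARDCODED_TOKEN_RE = re.compile(
    r"""(?i)\b(\w*(?:token|api_?key|secret))\s*=\s*['"][A-Za-z0-9_\-]{16,}['"]""")


def find_hardcoded_tokens(source: str) -> list[str]:
    """Source check for the finding-2 pattern; returns the assigned names, not the values."""
    return [m.group(1) for m in HARDCODED_TOKEN_RE.finditer(source)]


if __name__ == "__main__":
    url, _ = risky_request("600519")
    print("risky    :", redact_url(url), credential_params_in_url(url))
    url, headers = safe_request("600519", {KEY_ENV_VAR: "user-supplied-key"})
    print("safe     :", url, list(headers))
    print("hardcoded:", find_hardcoded_tokens('DEFAULT_TOKEN = "pub_0123456789abcdef"'))
```

Run the hardened path with the key in the environment only; if the skill must ship a default at all, the right default is "no key, fail loudly", as load_api_key does, rather than a shared token whose quota and revocation state the user cannot control.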

VirusTotal

66/66 vendors reported this skill as clean (no detections). Note that antivirus verdicts cover malware, not credential-handling weaknesses such as the two findings above.
