Security audit

A Stock

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed A-share stock data helper that uses a local Node script and an API key to query its declared stock-data provider.

Install only if you trust api.aipmedia.cn and are comfortable storing an ASTOCK_API_KEY for stock-data queries. Keep the key in .env or an environment variable rather than chat, and be aware that broad stock-like prompts may trigger third-party API calls.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger scope is extremely broad, including essentially any A-share or market-related query and even any mention of a 6-digit code, which can cause unintended invocation in ambiguous contexts. Over-broad triggering can route unrelated user requests into this skill, causing unnecessary external API calls and increasing privacy and integrity risk through unexpected data handling.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical

Code: suspicious.env_credential_access
Location: scripts/api-client.ts:49