港股 AI 概念板块专属投研顾问。结合宏观流动性、南向资金博弈与 AI 产业基本面，提供深度的个股挖掘与风控策略。

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Hong Kong AI-sector stock research assistant with disclosed finance data access and no evidence of hidden code, persistence, or data exfiltration.

Install only if you want a finance-focused assistant for Hong Kong AI-sector research. Be careful with any API keys, limit local file access to documents you intentionally want analyzed, verify market data from primary sources, and do not treat generated stock plans as licensed financial advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrases are broad enough to match very common finance-related user requests such as market review, stock analysis, or macro outlook. This can cause the skill to activate outside a narrowly intended context, increasing the chance that it overrides other safer or more appropriate behaviors and exposes sensitive capabilities like network-backed financial analysis more often than necessary.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal