Back to skill

Security audit

美国市场政策查询Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a low-risk local mock/template skill, but it overstates live policy and AI capabilities and should not be trusted for real policy decisions.

Install only as a demo/template. Do not rely on its outputs for legal, tax, compliance, investment, or business decisions, and do not provide real API keys or sensitive business context unless the skill is updated to use trusted sources with clear privacy and credential-handling documentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The module advertises live querying and analysis of U.S. market policies, but the implementation only returns hardcoded mock content with placeholder values like '${name}'. In a policy/compliance skill, this can mislead users into relying on fabricated or stale information for investment, tax, labor, or regulatory decisions, creating integrity and trust risks even though it is not direct code execution.

Intent-Code Divergence

Low
Confidence
92% confidence
Finding
The function name and surrounding comments imply data is fetched from configured sources, but the code explicitly returns simulated data instead. This discrepancy can cause downstream systems or users to trust results as authoritative when they are synthetic, which is especially risky in a regulatory-information context.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The README presents very broad natural-language invocation examples such as asking the agent how to conduct business in the US or to monitor policy changes, but it does not define scope limits, approved data sources, or prohibited actions. In an agent ecosystem, vague triggers can cause overbroad execution, unintended autonomous behavior, or retrieval/sharing of sensitive or regulated information beyond the user's intended request.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The README advertises configurable external data-source APIs and environment-variable credentials, but it does not warn users that queries and possibly business context may be transmitted to third-party services. This creates a privacy and compliance risk because users may supply sensitive commercial information or secrets without understanding outbound data flows, retention, or vendor handling.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.