GLM-V-Stock-Analyst

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed stock analysis and report-generation skill with normal dependency and financial-advice risks, but no evidence of hidden, destructive, or exfiltrating behavior.

Install in a normal project sandbox or virtual environment. Expect it to contact market-data services, install Python packages, write stock_data_output reports, and open local report files. Treat investment conclusions as research only, do not provide unrelated secrets, and avoid sharing generated HTML if local path disclosure matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (17)

Context-Inappropriate Capability

Medium

Confidence: 88% confidence
Finding: The skill directs the agent to execute shell commands and open local HTML files in a browser as part of normal operation. For a reporting skill, this is broader than necessary and can be abused to run unintended commands, expose local file paths, or render untrusted generated content in a browser context.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger conditions are very broad and overlap with ordinary conversational requests about companies, trends, or whether a stock is buyable. Overbroad triggering can cause the agent to invoke a high-capability skill unexpectedly, leading to unnecessary network access, shell execution, and file generation in contexts where a simple answer would suffice.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The file contains explicit market-timing and directional heuristics such as '连续多日大幅净买入通常是短期看涨信号' and 'MACD金叉...短期看涨' without any disclaimer that the material is informational only and not financial advice. In the context of a stock-analysis skill whose purpose is to analyze and predict price moves, these statements can be surfaced as prescriptive guidance and may encourage risky trading decisions or overconfident automated recommendations.

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 安装：pip install -r requirements.txt # 核心数据源 akshare>=1.18.0 yfinance>=1.0.0 tushare>=1.4.0
Confidence: 90% confidence
Finding: akshare>=1.18.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 核心数据源 akshare>=1.18.0 yfinance>=1.0.0 tushare>=1.4.0 # 数据处理
Confidence: 90% confidence
Finding: yfinance>=1.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 核心数据源 akshare>=1.18.0 yfinance>=1.0.0 tushare>=1.4.0 # 数据处理 pandas>=2.0.0
Confidence: 90% confidence
Finding: tushare>=1.4.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: tushare>=1.4.0 # 数据处理 pandas>=2.0.0 numpy>=1.24.0 # 图表生成
Confidence: 88% confidence
Finding: pandas>=2.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 数据处理 pandas>=2.0.0 numpy>=1.24.0 # 图表生成 matplotlib>=3.7.0
Confidence: 88% confidence
Finding: numpy>=1.24.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: numpy>=1.24.0 # 图表生成 matplotlib>=3.7.0 # PDF 处理（纯 Python，无需 poppler） pymupdf>=1.23.0
Confidence: 88% confidence
Finding: matplotlib>=3.7.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: matplotlib>=3.7.0 # PDF 处理（纯 Python，无需 poppler） pymupdf>=1.23.0 # 报告导出 fpdf2>=2.7.0
Confidence: 90% confidence
Finding: pymupdf>=1.23.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pymupdf>=1.23.0 # 报告导出 fpdf2>=2.7.0 python-docx>=1.0.0 Pillow>=10.0.0
Confidence: 90% confidence
Finding: fpdf2>=2.7.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 报告导出 fpdf2>=2.7.0 python-docx>=1.0.0 Pillow>=10.0.0 # MD→HTML 转换
Confidence: 91% confidence
Finding: python-docx>=1.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 报告导出 fpdf2>=2.7.0 python-docx>=1.0.0 Pillow>=10.0.0 # MD→HTML 转换 markdown>=3.6.0
Confidence: 91% confidence
Finding: Pillow>=10.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: Pillow>=10.0.0 # MD→HTML 转换 markdown>=3.6.0 # 通用 requests>=2.31.0
Confidence: 90% confidence
Finding: markdown>=3.6.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: markdown>=3.6.0 # 通用 requests>=2.31.0
Confidence: 91% confidence
Finding: requests>=2.31.0

Known Vulnerable Dependency: markdown — 2 advisory(ies): CVE-2025-69534 (Python-Markdown has an Uncaught Exception); CVE-2025-69534 (Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like se)

High

Category: Supply Chain
Confidence: 80% confidence
Finding: markdown

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High

Category: Supply Chain
Confidence: 83% confidence
Finding: requests

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal