Back to skill

Security audit

Yuebao

Security checks across malware telemetry and agentic risk

Overview

This is a plain educational guide about Yu'ebao and money-market fund concepts, with no executable behavior or hidden access.

This appears safe to install as an informational guide. Because it discusses financial products, users should treat it as general education only and verify current Yu'ebao redemption limits, fund rules, and regulatory details in Alipay or official fund disclosures before making financial decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.