Security audit
Yuebao
Security checks across malware telemetry and agentic risk
Overview
This is a plain educational guide about Yu'ebao and money-market fund concepts, with no executable behavior or hidden access.
This appears safe to install as an informational guide. Because it discusses financial products, users should treat it as general education only and verify current Yu'ebao redemption limits, fund rules, and regulatory details in Alipay or official fund disclosures before making financial decisions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
