ClawHub

主力建仓扫描

Security checks across malware telemetry and agentic risk

Overview

This skill is a public stock-market scanner that fetches Eastmoney data and saves a local report, with no evidence of trading, credential theft, hidden persistence, or destructive behavior.

Install only if you are comfortable with the skill contacting Eastmoney for public stock data and saving scan reports locally. Expect to fix the hardcoded output path and run the script with Python rather than bash. Treat the generated stock candidates as informational only, not financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill instructs execution of a local shell script and writes output to a workspace memory file, which indicates code execution, file write, and likely network-backed market data access, yet no permissions are declared. This creates a trust and sandboxing gap: an orchestrator may expose more capability than the user or platform expects, making unintended file modification or external data access harder to audit and control.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger phrases are broad enough to match ordinary investment-related requests such as '扫股' or '找主力', which can cause the skill to activate when the user did not explicitly intend this specific scanner. Misrouting is not directly a code-execution bug, but it can lead to unintended tool use, unnecessary market scans, and unexpected file/report generation in response to ambiguous prompts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal