ClawHub

Banana Farmer

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only market-data integration that sends requested ticker lookups to Banana Farmer and shows no hidden persistence, destructive behavior, or unauthorized endpoints.

Install only if you are comfortable using Banana Farmer as an external market-data provider. Keep BF_API_KEY private, use a minimal portfolio file, assume analyzed ticker symbols may be sent to bananafarmer.app, and treat scores, alerts, and win-rate claims as research rather than financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill requires network access and an environment secret (`BF_API_KEY`) but does not declare permissions explicitly, which weakens user visibility and consent over sensitive capabilities. In an agent ecosystem, undeclared capabilities increase the chance that a user invokes a networked skill without realizing it can transmit prompts, ticker queries, portfolio contents, or API credentials to an external service.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The portfolio trigger phrases are broad enough that normal investment conversation could cause the agent to activate portfolio-processing behavior unexpectedly. Because portfolio workflows may involve sensitive local files (`portfolios.json`) and transmission of holdings to a remote API, overly permissive triggers can lead to unintended disclosure of financial positions.

Vague Triggers

Medium
Confidence
81% confidence
Finding
Alert-style phrases such as checking whether 'any of my stocks' are overbought are ambiguous and can overlap with ordinary conversation, potentially triggering portfolio or holdings analysis without clear user intent. In context, that can expose a user's personal holdings or cause unintended remote lookups against an external service.

External Transmission

Medium
Category
Data Exfiltration
Content
**Option A — Self-provision a free key instantly (no account needed):**
```bash
curl -s -X POST "https://bananafarmer.app/api/bot/v1/keys/trial" \
  -H "Content-Type: application/json" \
  -d '{"name": "My Agent", "email": "you@example.com"}'
```
Confidence
84% confidence
Finding
curl -s -X POST "https://bananafarmer.app/api/bot/v1/keys/trial" \ -H "Content-Type: application/json" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal