ClawHub

Finam

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Finam trading API skill that uses user-provided brokerage credentials for expected market data, portfolio, and order workflows, with no evidence of hidden behavior.

Install only if you intend to let an agent work with your Finam account. Use the narrowest available API permissions, keep keys out of chat and logs, confirm every order parameter before execution, and prefer read-only credentials when you only need research or portfolio viewing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (11)

Vague Triggers

Medium
Confidence
71% confidence
Finding
The description is broad enough to trigger on general finance-related requests, increasing the chance the skill is invoked in contexts involving sensitive financial data or live trading actions. In a trading skill, overbroad activation materially raises risk because mistaken invocation could lead to disclosure of portfolio data or transactional operations.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The setup instructions handle sensitive financial secrets and account identifiers but do not provide a prominent warning about protecting them, avoiding logging, or the consequences of exposing them. In a brokerage context, credential misuse can lead to unauthorized access to portfolio data and trading capability.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation repeatedly instructs users to send a long-lived secret token in Authorization headers and session-related requests, but provides no warning about credential handling, storage, log redaction, or least-privilege use. In a trading skill that exposes account data and trading capabilities, this omission materially increases the chance of accidental token leakage and subsequent account compromise.

Missing User Warnings

High
Confidence
95% confidence
Finding
The file documents live order placement and cancellation endpoints for a real brokerage API without prominent warnings about irreversible financial consequences, confirmation requirements, or safe defaults. In this skill context, an agent or user could treat these calls as routine API actions and unintentionally place, modify, or cancel real trades affecting customer funds.

External Transmission

Medium
Category
Data Exfiltration
Content
**Request Example**

```curl
curl https://api.finam.ru/v1/sessions \
  --request POST \
  --header 'Content-Type: application/json' \
Confidence
93% confidence
Finding
curl curl https://api.finam.ru/v1/sessions \ --request POST \ --header 'Content-Type: application/json' \ --header 'Authorization: YOUR_SECRET_TOKEN' \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
**Request Example**

```curl
curl https://api.finam.ru/v1/sessions/details \
  --request POST \
  --header 'Content-Type: application/json' \
Confidence
85% confidence
Finding
curl curl https://api.finam.ru/v1/sessions/details \ --request POST \ --header 'Content-Type: application/json' \ --header 'Authorization: YOUR_SECRET_TOKEN' \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
**Request Example**

```curl
curl 'https://api.finam.ru/v1/accounts/{accountId}/orders' \
  --request POST \
  --header 'Content-Type: application/json' \
Confidence
97% confidence
Finding
curl curl 'https://api.finam.ru/v1/accounts/{accountId}/orders' \ --request POST \ --header 'Content-Type: application/json' \ --header 'Authorization: YOUR_SECRET_TOKEN' \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
**Request Example**

```curl
curl 'https://api.finam.ru/v1/accounts/{accountId}/sltp-orders' \
  --request POST \
  --header 'Content-Type: application/json' \
Confidence
96% confidence
Finding
curl curl 'https://api.finam.ru/v1/accounts/{accountId}/sltp-orders' \ --request POST \ --header 'Content-Type: application/json' \ --header 'Authorization: YOUR_SECRET_TOKEN' \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
**Request Example**

```curl
curl https://api.finam.ru/v1/report \
  --request POST \
  --header 'Content-Type: application/json' \
Confidence
78% confidence
Finding
curl curl https://api.finam.ru/v1/report \ --request POST \ --header 'Content-Type: application/json' \ --header 'Authorization: YOUR_SECRET_TOKEN' \ --data

Tool Parameter Abuse

High
Category
Tool Misuse
Content
- [GET /v1/accounts/{accountId}/orders](#получение-списка-заявок-для-аккаунта)
- [POST /v1/accounts/{accountId}/orders](#выставление-биржевой-заявки)
- [GET /v1/accounts/{accountId}/orders/{orderId}](#получение-информации-о-конкретном-ордере)
- [DELETE /v1/accounts/{accountId}/orders/{orderId}](#отмена-биржевой-заявки)
- [POST /v1/accounts/{accountId}/sltp-orders](#выставление-sltp-заявки)

---
Confidence
92% confidence
Finding
DELETE /v1/accounts/{accountId}/orders/{orderId}](#отмена-биржевой-заявки)

Tool Parameter Abuse

High
Category
Tool Misuse
Content
### Отмена биржевой заявки

`DELETE /v1/accounts/{accountId}/orders/{orderId}`

**Path Parameters**
Confidence
95% confidence
Finding
DELETE /v1/accounts/{accountId}/orders/{orderId}`

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal