Kuvera Portfolio & Market Data

Security checks across malware telemetry and agentic risk

Overview

This Kuvera skill is read-only and purpose-matched, but it handles financial account credentials in an unsafe way and stores a reusable login token locally without clear protections.

Install only if you are comfortable giving this CLI access to your Kuvera account data. Avoid typing your Kuvera password into shared terminals or logged agent sessions, verify the kuvera-cli executable is the reviewed script, and protect or remove ~/.openclaw/credentials/kuvera/token.json when you no longer need authenticated access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Severity: Medium. Confidence: 88%.
The README instructs users to pass an email and password directly on the command line but provides no warning about credential exposure or handling risks. Command-line credentials can be captured in shell history, process listings, terminal logs, or telemetry, which is especially sensitive for a financial account integration.

Vague Triggers

Severity: Medium. Confidence: 80%.
The trigger phrases are broad and overlap with common investment-related requests, creating a real risk of unintended invocation. Because this skill can surface personal portfolio, transaction, and SIP data when login state exists, accidental routing to this tool could expose sensitive financial information or cause the agent to use an external service when a generic informational response would have been safer.

Missing User Warnings

Severity: Medium. Confidence: 97%.
Documenting login as `kuvera-cli login <email> <password>` encourages passing credentials on the command line, where they may be exposed via shell history, process listings, terminal logs, or agent telemetry. This is especially dangerous in a financial skill because compromise of Kuvera credentials could expose portfolio holdings, transactions, and other sensitive account data.

Missing User Warnings

Severity: Medium. Confidence: 98%.
The CLI takes the password as a positional command-line argument (`login <email> <password>`), which can expose credentials through shell history, process listings, terminal logging, and agent/runtime telemetry. In this skill context, the risk is elevated because the tool is specifically designed to access financial account data, so compromise of the Kuvera password can expose sensitive portfolio and personal information and may enable broader account abuse.

Missing User Warnings

Severity: Medium. Confidence: 91%.
The skill stores authentication material in `~/.openclaw/credentials/kuvera/token.json` without any explicit disclosure to the user and without setting restrictive file permissions. Local credential persistence increases the attack surface: other local users, processes, backups, or malware may read the token and reuse it to access the user's Kuvera account data.

Missing User Warnings

Severity: Medium. Confidence: 93%.
The documentation explicitly instructs users to pass email and password on the command line and states that a JWT token is stored, but provides no warning about credential exposure or token persistence risks. Command-line credentials can be exposed via shell history, process listings, logs, or agent telemetry, and persisted tokens can be reused if stored insecurely.

VirusTotal

65/65 vendors flagged this skill as clean.