ClawHub

agent-stock

Security checks across malware telemetry and agentic risk

Overview

This is a coherent stock-analysis skill, but it can create local files containing sensitive trading or holdings details and its recommendations should not be treated as guaranteed financial advice.

Install only if you trust the agent-stock Python package and are comfortable with local markdown reports being created under dist/. Avoid providing brokerage passwords, API keys, or unnecessary personal financial details. Delete or protect saved reports if they include holdings, balances, or trading plans, and independently verify market data and risk before acting on any recommendation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs the agent to save detailed holdings analysis to a local file under dist/holdings without requiring user consent, disclosure, or data-minimization. Because holdings data can include sensitive financial positions, balances, and strategy information, silent local persistence creates a privacy and data-retention risk if the file is later accessed by other tools, users, or processes.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to write a trading decision file to a local path under dist/trade without requiring user confirmation, disclosure, or any constraint on when persistence is appropriate. In an agent context, silent file writes can create unauthorized records of sensitive financial analysis, leak trading intent, or be chained with other behaviors that persist potentially regulated or private data to disk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill directs the agent to use user account information as an input to trading decisions but does not warn that such data is sensitive or restrict how it should be handled. In a financial-trading context, account balances, positions, and related information are highly sensitive; using them without privacy safeguards increases the risk of over-collection, unnecessary exposure, or downstream storage and disclosure.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs the agent to save generated trading analysis to a local file under `dist/screen/YYYYMMDD_hhmm.md` without any user-facing disclosure, confirmation, or constraint on when persistence is appropriate. Undisclosed file writes create integrity and privacy risks in agent environments because they can leave artifacts on disk, overwrite prior outputs, or be chained with other behaviors to exfiltrate or stage sensitive data.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This skill produces concrete buy/sell decisions, position sizing, stop-losses, and holding periods based on user account and market data, but provides no warning that the output is informational, may be wrong, and can directly affect the user's finances. In this context, omission of a financial-risk disclaimer increases the chance users will over-trust the agent and execute harmful trades, especially because the language presents the model as an expert trader with executable guidance.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The skill instructs saving trading analysis to disk under a predictable path without notifying the user that files will be created and may contain sensitive account, position, or decision data. This can expose private financial information to other local users, logs, backups, or downstream processes, and creates persistent artifacts the user may not expect.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal