HuaHuaDailyMCP

Security checks across malware telemetry and agentic risk

Overview

The skill appears to support useful finance workflows, but it needs review because it can upload local financial screenshots and post public community content with unclear user confirmation.

Install only if you are comfortable with the skill sending selected financial screenshots to the HuahuaDaily service and potentially performing public community-posting actions. Use it with explicit prompts, review any local file paths before upload, and avoid giving it broad autonomous permission to import files or post on your behalf.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Context-Inappropriate Capability

Medium, 86% confidence
Finding
The skill can post public community content via send_danmaku, which goes beyond the core description of querying portfolio data and sending App-confirmed trade/import requests. Unlike trades/imports, this action appears to execute immediately against the remote service and could be abused by an agent to impersonate the user, spam, or perform unintended social actions without an App confirmation gate.

Missing User Warnings

Medium, 83% confidence
Finding
The screenshot import flow accepts local file paths, reads those files from disk, and uploads them to a remote endpoint. Even though this is part of the feature, the tool description does not prominently disclose local file access and external transfer at invocation time, which increases the risk of agents exfiltrating sensitive screenshots or unrelated local images under ambiguous user prompts.

Missing User Warnings

Medium, 86% confidence
Finding
Transaction screenshot import sends potentially sensitive financial screenshots to a remote service for OCR/parsing, but the transfer is not strongly foregrounded as a privacy-sensitive action. Because transaction screenshots can contain account, portfolio, and trading details, an agent could cause unintended disclosure if the user did not clearly understand that upload occurs.

VirusTotal

VirusTotal findings are pending for this skill version.