ClawHub

同花顺问财ETF选股

Security checks across malware telemetry and agentic risk

Overview

This is a coherent ETF screening skill that uses a disclosed third-party IWENCAI market-data API, with privacy and scope caveats but no evidence of hidden, destructive, or deceptive behavior.

Install only if you are comfortable sending ETF screening queries to the IWENCAI service using your API token. Avoid including private portfolio details, account information, or proprietary investment strategy in queries, and keep any extra search or financial-tool use explicit and limited to the ETF research task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documents use of environment variables and outbound network access, but no explicit permissions or user-facing disclosure are declared. This creates a transparency and governance gap: a caller may invoke the skill expecting simple local ETF filtering while the skill can access secrets and send queries to an external service.

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The skill is described as an ETF screening tool, but its documented behavior accepts arbitrary natural-language queries and forwards them to a general remote query API using a Bearer token. This mismatch can cause over-broad data transmission, user surprise, and misuse beyond the narrowly declared ETF-screening scope.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The documentation permits the skill to call other financial or search tools when it decides more context is needed, which expands data flow and capabilities beyond the stated ETF-screening purpose. That increases the attack surface and may expose user prompts or derived financial interests to additional external services without clear consent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly documents sending queries over the network with an API key, but does not warn users that their input will be transmitted to a third-party service. For financial queries, this can expose potentially sensitive investment interests, strategies, or proprietary research prompts to an external provider.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The documentation explicitly instructs the agent to send the user's natural-language query directly to an external API and notes API-key authentication, but provides no user-facing disclosure, consent, or guidance on handling sensitive content. This creates a real privacy and data-governance risk because users may unknowingly transmit personal or confidential financial queries to a third-party service.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal