A Stock Trader

Security checks across malware telemetry and agentic risk

Overview

This is a local paper-trading helper that fetches public market data and stores simulated trading records, with minor implementation caveats but no evidence of credential theft, real trading, hidden execution, or destructive behavior.

Install only if you are comfortable with the skill creating and updating a local SQLite database under ~/.openclaw/workspace/a-stock/ and fetching public market data over the network. Treat all results as educational paper-trading output, not investment advice, and avoid adversarial or unusual stock-code input until the SQL query is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Context-Inappropriate Capability

Medium
Confidence: 98%
Finding
The `load_data` function builds a SQL query with an f-string using the user-controlled `code` argument directly: `WHERE code='{code}'`. This allows SQL injection against the local SQLite database, enabling an attacker to alter query logic and potentially read unintended rows or manipulate the query beyond the script’s stated backtesting purpose. In this skill context, the risk is somewhat bounded by SQLite and a fixed local DB path, but it is still a real vulnerability because the CLI accepts arbitrary input and the script processes it without validation.

VirusTotal

66/66 vendors flagged this skill as clean.
