ClawHub

Stock Copilot Pro

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed stock-analysis skill that uses a QVeris API key, stores local watchlist/template state, and does not show trading, exfiltration, destructive actions, or hidden installation behavior.

Install only if you are comfortable giving the skill a scoped QVeris API key and sending stock symbols/watchlist-related queries to qveris.ai. Review optional cron jobs before enabling them, delete or review local watchlist/evolution files when needed, and treat generated investment analysis as research rather than financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The skill persistently records tool behavior, successful parameters, errors, and sample parameter templates into .evolution/tool-evolution.json. Even though there is redaction logic, this creates a long-lived behavioral datastore that can retain sensitive query patterns, symbols, company names, and partially redacted provider data, expanding the blast radius if local files are exposed or later reused in unintended contexts.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The skill enables auto-invocation but the metadata and documentation do not define clear trigger boundaries, exclusions, or confirmation requirements. In a financial-analysis skill with watchlist management and scheduled briefing behavior, broad auto-invocation can cause unintended execution, external API calls, or generation of trading-oriented outputs without explicit user intent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal