ClawHub

my_stock_analysis_skill

Security checks across malware telemetry and agentic risk

Overview

This stock-analysis skill is purpose-aligned overall, but it tells the agent to save sensitive portfolio data locally without clear opt-in, retention, or deletion controls.

Install only if you are comfortable with the agent storing portfolio information locally at ~/.openclaw/memory/portfolio.json. Remove account identifiers from screenshots, independently verify all trade advice, and delete or block that file if you do not want holdings retained across sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The skill explicitly instructs the agent to persist portfolio snapshots to ~/.openclaw/memory/portfolio.json, which creates local retention of sensitive financial holdings data without any consent, retention limit, access control, or disclosure in the main skill description. In the context of a finance skill processing positions, cost basis, and screenshots, this increases privacy risk and can expose sensitive user investment information to other local processes, future sessions, or unintended reuse.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill description does not warn users that their portfolio snapshots will be stored locally, despite later instructions mandating persistent file writes. This omission undermines informed consent and is especially risky in a stock-analysis skill, where stored data can reveal holdings, position sizes, and cost basis.

Ssd 3

Medium
Confidence
94% confidence
Finding
Persistently storing portfolio snapshots in a local file creates a data retention risk because sensitive financial data may remain on disk indefinitely in plain form. In a trading skill, this is more dangerous than generic state retention because holdings and cost basis are highly sensitive and could be accessed by other users, processes, or later prompts without the original user's awareness.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal