ClawHub

Stock Analysis Framework

Security checks across malware telemetry and agentic risk

Overview

This stock analysis skill is mostly purpose-aligned, but its scripts can silently read a local portfolio file and send portfolio-derived stock symbols to Sina Finance for quote lookups.

Review before installing if your portfolio data is sensitive. The tool does not appear malicious or capable of trading, but running the monitor or briefing scripts may read your local holdings file and disclose stock symbols to Sina Finance. Avoid using those scripts, remove that local holdings file, or edit the scripts if ticker-level disclosure is unacceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script sends the user's portfolio-derived stock codes to an external Sina market data endpoint without any explicit consent prompt or warning at the call site. Even though only ticker symbols are transmitted rather than share counts or prices, the request still reveals interest in specific holdings and can leak sensitive investment behavior to a third party.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The script automatically reads a portfolio file from ~/.investment-portfolio/holdings.jsonl without explicit runtime disclosure or consent. In a skill context, that can expose sensitive investment holdings unexpectedly, especially when users may not realize local financial data is being consumed.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends portfolio-derived ticker symbols to an external Sina market data endpoint. Even though ticker codes are less sensitive than full account data, a user's holdings and watchlist can reveal investment strategy or financial interests, and the transmission happens without explicit user disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal