ClawHub

Stock Summary

Security checks across malware telemetry and agentic risk

Overview

This skill fetches requested stock data and creates a chart, with no evidence of hidden data access or harmful behavior.

Install only if you are comfortable running a local Python script that sends requested stock symbols to external finance data providers and overwrites a chart image in the OpenClaw workspace. Treat its trading signal as a simple technical indicator, not financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill invokes a Python script that performs network access and shell execution semantics, but the manifest declares no permissions or trust boundaries. This creates a capability mismatch: users and the platform cannot accurately assess or constrain what the skill may do, increasing the risk of unexpected outbound requests, command execution, or future abuse if the implementation changes.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough that ordinary conversation about stocks could unintentionally activate the skill, causing unsolicited external lookups and script execution. In a skill with network and execution capabilities, ambiguous activation increases the attack surface for prompt-triggering, accidental data egress, and user confusion about when the tool is being invoked.

Natural-Language Policy Violations

Medium
Confidence
79% confidence
Finding
The skill description mandates Chinese-language interaction and output without checking user preference, which can mislead users and reduce informed consent about the tool’s behavior. While not a direct code-execution flaw, forced language output can impair review of financial information, warnings, or confirmations and therefore raises usability and trust risks.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal