ClawHub

China A Stock Trader

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public stock-market data and produces trading-style analysis, with no evidence of credential access, trade execution, persistence, or hidden behavior.

Install only if you want an agent to contact third-party finance data providers and generate speculative A-share trading analysis. Treat outputs as informational, verify prices and financial data independently, and do not provide brokerage credentials, private portfolio details, or account access because this skill does not need them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documents live market-data retrieval from external services (e.g., 腾讯财经, akshare) but does not declare any permissions. Undeclared network capability reduces transparency and reviewability, which can lead to unexpected outbound requests, data leakage, or policy bypass when the skill is invoked.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger scope is very broad ('问股票、分析行情、选股推荐、风险提示'), making the skill eligible for many common finance-related prompts. Overbroad triggers can cause the agent to invoke this skill unexpectedly, increasing the chance of unsolicited financial guidance, unintended data access, or inappropriate tool use in contexts where a narrower skill should apply.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The usage examples are generic natural-language prompts such as '这个股票能买吗' and '帮我选一只股票' without constraints, asset-scope checks, or suitability gating. In a trading skill, such vague invocation patterns increase the risk of over-triggering and producing direct investment recommendations without sufficient context, which is more dangerous than in a benign informational skill.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill performs multiple outbound requests to third-party market-data providers without explicit user disclosure or consent. In an agent environment, this can expose user interests, queried tickers, timing patterns, and environment metadata (for example IP-based information) to external services, which is a real privacy and data-governance risk even if the requests are functionally necessary.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal