ClawHub

股票价值投资分析

Security checks across malware telemetry and agentic risk

Overview

This is a coherent stock valuation skill with disclosed public market-data fetching and a small local watchlist, but users should treat its investment outputs and dependencies cautiously.

Install in a virtual environment, consider pinning dependencies before use, and review the separate pdf-parser skill before giving it sensitive reports. The skill stores a local watchlist in your home directory, fetches public market data, and may produce buy/sell-style analysis that should be independently verified before making financial decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (16)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises no declared permissions, yet the documentation clearly indicates file read/write behavior through PDF ingestion and watchlist persistence. This creates an undeclared capability gap: users and the platform cannot accurately reason about what local data the skill may access or modify, increasing the risk of unintended file access or silent data persistence.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The manifest frames the skill as analysis-focused, but the documentation expands behavior into watchlist management, local persistence, and market-data retrieval. That mismatch weakens informed consent and reviewability: a user invoking 'analysis' may not expect local state changes or external data access, which broadens the attack surface beyond the declared purpose.

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
Watchlist management and valuation alerting introduce ongoing stateful behavior beyond one-shot valuation analysis. In context, this means the skill may retain user portfolio interests and write local tracking data, which is more sensitive than the manifest suggests and can expose private investment preferences if mishandled.

Context-Inappropriate Capability

Medium
Confidence
80% confidence
Finding
Referencing Feishu document automation suggests planned external integration not covered by the stated valuation-analysis scope. If implemented without explicit declaration and consent, such integration could export analysis results or user-supplied financial documents to third-party services, increasing confidentiality and data-governance risk.

Context-Inappropriate Capability

Low
Confidence
77% confidence
Finding
Exposing an absolute local filesystem path reveals host-environment structure and implies dependence on host-local files. While not directly exploitable on its own, this leaks unnecessary implementation detail and can aid environment fingerprinting or encourage unsafe assumptions about accessible local resources.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The function and comments claim to provide historical valuation data for percentile analysis, but it actually retrieves only historical prices and later uses price percentile as a proxy. In an investment-analysis skill, this is dangerous because users may make decisions based on mislabeled analytics, believing they are seeing PE/PB valuation history when they are not.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The function advertises industry peer valuation comparison but returns whole-market medians instead, which can materially mislead users about relative valuation. In the context of a stock valuation skill, this mismatch undermines the core analytical promise and may bias investment decisions with incorrect benchmarking.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This file gives specific buy/sell triggers, safety-margin thresholds, and position-sizing recommendations that could be treated by users as actionable financial advice. In an investment-analysis skill, that is risky because the content can directly influence allocation decisions and asset losses, especially without a clear disclaimer that outputs are educational, not personalized, and require user suitability assessment.

Unpinned Dependencies

Low
Category
Supply Chain
Content
# 安装命令: pip install -r requirements.txt

# 核心数据获取
akshare>=1.15.0

# 数据处理
pandas>=2.0.0
Confidence
91% confidence
Finding
akshare>=1.15.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
akshare>=1.15.0

# 数据处理
pandas>=2.0.0
numpy>=1.24.0

# 终端输出美化
Confidence
92% confidence
Finding
pandas>=2.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# 数据处理
pandas>=2.0.0
numpy>=1.24.0

# 终端输出美化
rich>=13.0.0
Confidence
92% confidence
Finding
numpy>=1.24.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
numpy>=1.24.0

# 终端输出美化
rich>=13.0.0
tabulate>=0.9.0

# HTTP 请求
Confidence
88% confidence
Finding
rich>=13.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# 终端输出美化
rich>=13.0.0
tabulate>=0.9.0

# HTTP 请求
requests>=2.31.0
Confidence
88% confidence
Finding
tabulate>=0.9.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
tabulate>=0.9.0

# HTTP 请求
requests>=2.31.0

# 日期时间处理
python-dateutil>=2.8.0
Confidence
94% confidence
Finding
requests>=2.31.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0

# 日期时间处理
python-dateutil>=2.8.0

# 可选:PDF生成(用于输出PDF报告)
# weasyprint>=60.0
Confidence
87% confidence
Finding
python-dateutil>=2.8.0

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
84% confidence
Finding
requests

VirusTotal

No VirusTotal findings

View on VirusTotal