ClawHub

Quant Strategy Searcher

Security checks across malware telemetry and agentic risk

Overview

The skill largely matches its stock-analysis purpose, but it handles remote database credentials and can log proxy environment values in a way users should review before installing.

Install only if you trust the publisher and can provide a least-privilege database password for the stated remote MySQL database. Avoid running it in environments where proxy variables contain credentials unless the proxy logging issue is fixed or logs are tightly controlled. Treat outputs as investment research support, not financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill loads a database password from the DB_PASSWORD environment variable and uses it to connect to a remote database. Accessing secrets can be legitimate for a database-backed skill, but it expands the skill's trust boundary and is not disclosed to users; if the skill is over-permissioned or compromised, those credentials could be abused to access or exfiltrate strategy data.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The proxy check iterates over proxy-related environment variables and logs both the variable name and its full value. Proxy environment variables often contain internal network topology or embedded credentials, so writing them to logs can leak sensitive infrastructure details to operators, log aggregators, or downstream systems.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly requires a DB_PASSWORD for a remote MySQL database and includes host, username, and database details, but provides no clear warning about how the credential is transmitted, stored, or protected. This creates a meaningful risk of credential misuse, unauthorized database access, and accidental secret exposure, especially because the skill is designed to connect to an external third-party host.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill silently consumes a database password from the environment without any user-facing disclosure that secret-backed remote data access is taking place. In agent environments, undisclosed secret use is risky because users may assume a local-only analysis tool while the skill is actually operating with privileged backend access.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill makes outbound requests to third-party data sources and web/news services as part of stock analysis, but there is no visible user disclosure or consent flow. This can expose user queries, stock interests, and operational metadata to external services, which is a meaningful security and privacy concern in an agent skill.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal