ClawHub

Bank Credit Investigation

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only bank credit due diligence assistant that gives high-stakes draft credit analysis, but it does not run code, persist data, collect credentials, or take actions.

Install only if you want a bank credit underwriting workflow. Treat its ratings, pricing, collateral, covenant, and lending recommendations as draft analytical support for qualified internal review, and avoid pasting confidential borrower data unless your chat environment is approved for that information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The skill’s safety notice says it does not provide financial advice, yet later sections explicitly produce credit facility structures, pricing guidance, collateral requirements, covenant terms, and lending recommendations. This mismatch can mislead users and downstream systems about the skill’s actual function, increasing the risk that regulated advisory output is relied upon without appropriate controls, review gates, or compliance handling.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The metadata labels the skill as educational-reference and advisory-only, but the body instructs the assistant to generate concrete borrower ratings,授信建议, facility structures, and monitoring covenants. This creates a trust-boundary problem: operators may enable or route the skill under a lower-risk classification while it actually performs substantive credit recommendation functions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger list contains broad, common credit-analysis phrases such as '信用分析', '行业风险', and '财务报表分析' that could match ordinary user requests outside a narrowly scoped invocation context. This can cause unintended activation of the skill, exposing users to unsolicited financial-analysis behavior or routing sensitive banking-related queries into this workflow when a more general assistant response was expected.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal