ClawHub
Back to skill

Security audit

Select Super Stock

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a stock-analysis helper, but it materially overstates its market coverage and screening rigor, so users should review it before relying on it.

Install only if you are comfortable reviewing a financial-analysis skill that runs local Python and fetches market data. Treat its results as research support, not investment advice, and verify any Hong Kong/U.S. coverage, screening output, ROE/dividend/news claims, and cached data freshness independently.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill advertises executable shell usage (`python3 scripts/stock_analyzer.py --symbol ... --full`) and references local scripts, but no permissions are declared. That creates an authorization gap where an agent may invoke code-capable behavior without an explicit permission boundary, increasing the risk of unintended command execution or access to local/networked resources through the scripts.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The documented behavior materially overstates what the skill does: it claims A-share/HK/U.S. coverage and specific screening criteria, but the implementation reportedly only supports limited A-share analysis and omits key filters. In a financial-analysis skill, this mismatch is dangerous because users or orchestration layers may rely on unsupported analysis paths and receive misleading investment guidance under false assumptions of coverage and rigor.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal