ClawHub

gh-stock-deep-analysis

Security checks across malware telemetry and agentic risk

Overview

This is a stock-analysis prompt skill with broad auto-triggers, but its tools and behavior match its stated purpose and there is no evidence of hidden code, persistence, credential theft, data mutation, or exfiltration.

Install only if you are comfortable with a stock-analysis skill that may activate on bare tickers or company names and may query external finance/search providers. Avoid including confidential portfolio details, internal research, account information, or trading instructions in prompts; use explicit stock-analysis requests to reduce accidental activation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill is configured to activate on bare stock names or ticker codes without requiring explicit analytical intent. This can cause unintended invocation during ordinary conversation, symbol mentions, or pasted market content, leading the agent to fetch external data and produce investment-style outputs when the user did not ask for them.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The examples explicitly teach that standalone names and codes are valid triggers, reinforcing ambiguous activation behavior. In practice this increases the chance that routine mentions like 'AAPL' or '腾讯控股' will invoke the skill unexpectedly and expose users to unsolicited financial analysis or unnecessary external tool usage.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The regex matches generic six-digit codes, Hong Kong tickers, U.S. tickers, and several company names with no strong intent boundary. This broad pattern makes accidental activation likely in many benign contexts, especially in chats containing pasted watchlists, market summaries, or mixed financial discussion, causing the skill to run when not requested.

Vague Triggers

Medium
Confidence
91% confidence
Finding
Using the generic trigger '分析' can cause the skill to activate during unrelated conversations, creating prompt-scope hijacking and unintended tool-use opportunities. In this skill, activation can lead to broad market/news searches and generation of authoritative financial recommendations, which increases the chance of inappropriate invocation in contexts the user did not intend.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Auto-activating on any stock name or stock code is overly broad and can trigger the skill from casual mentions, examples, pasted watchlists, or multi-topic discussions. Because the skill instructs extensive tool usage and outputs trading guidance, unintended activation can misroute the conversation and amplify the risk of unauthorized or contextually inappropriate financial analysis.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger set is broad enough to activate on common stock-related phrases and loosely structured regexes, which can cause unintended invocation. In a financial-analysis skill, accidental activation is risky because it may fetch market data, browse external sources, or present investment-style outputs when the user did not explicitly request this skill.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The raw six-digit trigger '[0-9]{6}' can match many unrelated numbers, including IDs, dates, codes, or amounts, causing false activations. Because this skill is connected to external data and browser tools, such collisions could unexpectedly launch financial analysis workflows, creating confusing or misleading outputs and unnecessary external lookups.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal