ClawHub

tushare股票数据源

Security checks across malware telemetry and agentic risk

Overview

This stock-data skill does what it claims, but it embeds and uses an undisclosed Tushare API token, so users should review it before installing.

Install only if you are comfortable with this skill using an embedded Tushare account token for stock-data queries. Prefer a version that removes and rotates the exposed token, requires a user-provided credential through configuration or environment variables, and documents Tushare network access clearly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
99% confidence
Finding
The code embeds a live Tushare API token directly in source, which exposes a credential to anyone with access to the skill file and enables unauthorized use of the associated account or quota. In a reusable agent skill, this is especially risky because the secret may be propagated through repositories, logs, backups, or downstream packaging without the owner's awareness.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill uses a hardcoded third-party API credential without any disclosure to the user, so users may unknowingly operate under someone else's account and trigger external access with hidden trust assumptions. This reduces transparency and increases the chance of unauthorized billing, quota exhaustion, and accidental misuse of the embedded credential.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The function makes an outbound request to Tushare without visible user disclosure, which can surprise users about data sharing, network usage, and dependency on an external service. While expected for a stock-data skill, the absence of notice still weakens transparency and informed consent, especially in agent environments where tools may run automatically.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal