ClawWatch

Security checks across malware telemetry and agentic risk

Overview

ClawWatch is a coherent watchlist tool for market prices and alerts, with disclosed local files, optional API keys, and command use that fit its purpose.

Before installing, verify the pip package source and choose a specific trusted version. Avoid putting sensitive portfolio details in watchlist notes, treat any configured API keys as private, and only allow watchlist JSON to be passed to another analysis agent when you intend that sharing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The CLI reference advertises support for CoinCap and Finnhub API keys even though the skill metadata says pricing comes from CoinPaprika and Yahoo Finance. This mismatch expands the apparent data-provider and credential-handling surface, creating a risk that the agent or users will supply secrets for undocumented third parties or invoke behavior outside the reviewed scope.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill description is broadly scoped around generic watchlist, alerts, prices, and market overview requests, which can cause the agent to invoke this skill for ordinary finance conversation that may not require tool use. Over-broad activation increases the chance of unnecessary command execution, unintended data access from local watchlist/cache files, or routing user requests into a tool workflow without clear user intent.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal