Trump Sentiment

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Trump-market monitoring tool, but it has under-scoped automated reporting, external Feishu delivery, investment guidance risks, and mismatched high-impact permission metadata.

Install only if you are comfortable with automated political/market monitoring, use of a browser profile, and possible Feishu report delivery. Review or disable any wallet, purchase, credential, and outbound messaging permissions unless you explicitly need them, and treat generated trade ideas as unverified commentary rather than investment advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (13)

Description-Behavior Mismatch

Medium (93% confidence)
Finding
The dataset materially diverges from the skill’s stated purpose of Trump sentiment analysis by including broad Iran nuclear, oil, Kalshi, and generic market items with only loose or no direct Trump linkage. In an investment-assistance context, this can bias downstream analysis, cause misattribution of market moves to Trump, and degrade decision quality by mixing unrelated geopolitical and market signals into a supposedly targeted sentiment feed.

Description-Behavior Mismatch

Medium (90% confidence)
Finding
The captured dataset is dominated by unverified Iran-war and escalation claims from X posts, which materially departs from the stated purpose of Trump-focused multi-channel sentiment analysis for investment support. In this context, the mismatch is dangerous because it can mislead downstream users or agents into treating rumor-heavy geopolitical content as validated decision intelligence, increasing the chance of harmful investment or operational decisions.

Description-Behavior Mismatch

Medium (95% confidence)
Finding
The input dataset is advertised as supporting Trump-focused sentiment analysis, but the supplied items are overwhelmingly about Iran, oil prices, airline fees, and other macroeconomic topics, with only tenuous or isolated Trump relevance. In an investment-assistance skill, this scope drift can mislead downstream analysis, produce incorrect sentiment conclusions, and cause users or agents to make decisions based on unrelated or polluted data.

Description-Behavior Mismatch

Medium (93% confidence)
Finding
The dataset contains items unrelated to Trump sentiment analysis, including general geopolitical and market headlines. In an investment-oriented skill, this broadens the input surface beyond the declared scope and can mislead downstream analysis, contaminate sentiment signals, or cause users and agents to act on irrelevant or low-quality data as if it were curated Trump-specific intelligence.

Description-Behavior Mismatch

Medium (93% confidence)
Finding
The data file materially diverges from the declared skill purpose of Trump sentiment analysis by centering on Iran war/ceasefire rumors, military incidents, and NATO-exit claims. In an investment-decision support skill, this mismatch can mislead downstream analysis, cause the agent to generate off-scope or sensational conclusions, and increase susceptibility to rumor-amplification from low-verification social posts.

Description-Behavior Mismatch

Medium (95% confidence)
Finding
The bundled dataset contains clearly unrelated items (Netflix pricing and Michael Saylor/Bitcoin) in a skill marketed as Trump sentiment analysis. This creates data integrity risk: downstream sentiment summaries, alerts, or investment signals can be polluted by irrelevant content, reducing trustworthiness and potentially leading to incorrect decisions.

Missing User Warnings

Medium (96% confidence)
Finding
The workflow explicitly says the skill should complete analysis and then push results to Feishu during automated execution, but it does not warn the user that collected content and derived analysis may be transmitted to an external service. In an investment-monitoring context, that can expose sensitive prompts, market hypotheses, or proprietary monitoring outputs to third parties without informed consent.

Missing User Warnings

Medium (97% confidence)
Finding
Even in the manual /trump flow, the skill instructs the agent to push results to Feishu without disclosing that information leaves the local agent context. Because the report may include user-requested analysis, timelines, and investment interpretations, silent exfiltration to an external messaging platform presents a real privacy and data-handling risk.

Vague Triggers

Medium (87% confidence)
Finding
The activation logic allows broad automatic execution based on Nasdaq movement, with instructions to immediately perform multi-step browsing and reporting in the same session. Poorly scoped autonomous triggers increase the chance of unanticipated browsing, data collection, and external reporting, especially when tied to market events that may occur frequently or ambiguously.

Natural-Language Policy Violations

Low (93% confidence)
Finding
The input contains multiple directly conflicting social-media claims about an active geopolitical event, including whether a ceasefire was extended, expired, or made indefinite, with several posts explicitly lacking official confirmation. In a skill intended to support investment decisions, presenting or acting on this feed without source ranking, conflict detection, or uncertainty labeling can mislead users into making trading decisions based on unverified or contradictory information.

Natural-Language Policy Violations

Medium (95% confidence)
Finding
The JSON input contains a derogatory insult ('orangetard') sourced from social-media content. Even though it appears to be quoted external content rather than authored program logic, retaining and potentially surfacing abusive language in an agent skill can create moderation, reputational, and downstream safety issues if the system republishes or summarizes it without filtering.

Missing User Warnings

Medium (95% confidence)
Finding
The report gives concrete trading ideas such as shorting oil, going long equities, and shorting the S&P based on fast-moving social-media-sourced geopolitical claims, but it does not warn that these are speculative, unverified, and financially risky. In this skill's context—explicitly framed as aiding investment decisions around Trump-related sentiment—users may reasonably act on the guidance, increasing the chance of financial harm from rumor-driven or manipulated information.

Vague Triggers

Medium (85% confidence)
Finding
The trigger keyword "Trump Iran ceasefire deal" is broad enough to match fast-moving political/news chatter rather than a tightly scoped user intent or vetted source set. In a market-facing sentiment skill, this can cause the agent to ingest rumor-driven or manipulative content and produce investment-oriented conclusions from unverified narratives, increasing the risk of false signals and prompt abuse via noisy public discourse.

VirusTotal

65/65 vendors flagged this skill as clean.
