Investment Research Analyst

Security checks across malware telemetry and agentic risk

Overview

This investment research skill is mostly coherent, but it can generate and deploy a dashboard without clearly asking the user first.

Install only if you want a Chinese-oriented stock research workflow that may create deployable dashboards. Before using it, require the agent to ask before writing files or deploying anything, confirm whether the deployment is public or private, and avoid entering private portfolio, client, account, or proprietary research information unless the destination is controlled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger list is broad enough to activate on generic investing or company-research requests, which can cause the agent to enter a specialized workflow unexpectedly. In this skill, that increases the chance of unrequested financial-analysis behavior and downstream actions such as report generation or deployment steps being invoked without clear user intent.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding
Forcing Chinese-language operation/output without checking user preference can mislead users, degrade comprehension, and cause them to approve or rely on content they cannot fully review. While not directly enabling code execution, it weakens informed consent and is riskier here because the skill produces financial analysis that users may act upon.

Missing User Warnings

Medium
Confidence: 93%
Finding
The workflow includes creating and deploying an interactive dashboard but does not require explicit user consent or warn that content may be published externally. In this context, the dashboard could contain generated financial conclusions, scraped data summaries, or sensitive research artifacts, making silent deployment an avoidable exposure risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The deployment steps instruct saving HTML to the project directory and using a deploy tool, but they omit warnings about filesystem side effects and external publication. This is dangerous because it normalizes writing artifacts and pushing them to a hosted endpoint without transparency, which can expose proprietary analysis or create unintended public content.

VirusTotal

63/63 vendors flagged this skill as clean.
