all in one skill for wencai 同花顺

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward finance-query skill for 同花顺问财, with the main caution that your queries and API key are sent to the configured API endpoint.

Install only if you intend to send relevant financial queries to 同花顺问财. Keep IWENCAI_BASE_URL at the default official host unless you fully trust the alternative, protect the IWENCAI_API_KEY, and avoid entering confidential investment plans, proprietary company research, or unrelated secrets into queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'req' from os.environ.get (line 67, credential/environment) → urllib.request.urlopen (network output)

Critical
Category: Data Flow
Content:
    body = json.dumps(payload, ensure_ascii=False).encode("utf-8")
    req  = urllib.request.Request(url, data=body, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return json.loads(resp.read().decode("utf-8"))
    except urllib.error.HTTPError as e:
        err_body = e.read().decode("utf-8", errors="replace")
Confidence: 93%
Finding: with urllib.request.urlopen(req, timeout=timeout) as resp:

Vague Triggers

Medium
Confidence: 81%
Finding: The skill claims it must be used for a very broad set of common finance-related prompts, with no exclusions for privacy-sensitive, unsupported, or lower-risk local handling cases. Overbroad mandatory routing increases the chance that unrelated or sensitive user queries are unnecessarily sent to an external service.

Missing User Warnings

Medium
Confidence: 93%
Finding: The documentation shows that user queries and an authorization token are transmitted to an external API, but it does not clearly state this to end users at the point of use. Lack of transparency around third-party transmission can cause unintended disclosure of potentially sensitive financial research intent or proprietary query content.

VirusTotal

65/65 vendors flagged this skill as clean.
