ClawHub

fund-analyzer

Security checks across malware telemetry and agentic risk

Overview

This is a fund lookup skill that runs local Python scripts to fetch public fund data, with a real but disclosed data-source documentation mismatch.

Install only if you are comfortable sending fund codes and screening choices to public fund-data websites. Treat outputs as informational, verify financial decisions with official sources, and do not provide Alipay cookies or logged-in session data to this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill instructs execution of local Python scripts and retrieval of remote data, which implies shell and network capabilities, yet no permissions are declared. This creates a transparency and governance gap: the runtime may grant more access than users or platform policy reviewers expect, increasing the risk of misuse, unexpected outbound requests, or unsafe command execution paths in the referenced scripts.

Tp4

High
Category
MCP Tool Poisoning
Confidence
90% confidence
Finding
The skill description claims data comes from Alipay fund pages, but the documented URLs point to Eastmoney/Tiantian Fund, and it also exposes comparison functionality not clearly declared in the top-level description. This mismatch is dangerous because users and reviewers may make trust, privacy, and compliance decisions based on false provenance and incomplete capability disclosure, especially for a networked financial-data skill.

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The guide describes the skill as using Alipay fund data, but the documented sources are actually Eastmoney/1234567.com and other third-party sites. This inconsistency can mislead users, reviewers, or downstream agents about trust assumptions, legal/compliance boundaries, and the authentication model, especially where the text claims some data requires simulated login and cookies.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The script header states the data source is Eastmoney, while the skill metadata claims the data comes from Alipay fund pages. This kind of provenance mismatch is a real security and trust issue because users, reviewers, and downstream systems may rely on incorrect assumptions about where data is collected, what terms apply, and what privacy or integrity guarantees exist.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill metadata says data comes from Alipay fund pages, but this script actually scrapes Eastmoney. This is a genuine trust and provenance issue: users, operators, or downstream policy controls may make decisions based on the declared source, while the code uses a different third-party site with different terms, data quality, and reliability characteristics.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal