Security audit

VN Stock Scanner

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public Vietnamese stock news and ticker data as described, with implementation safety caveats but no evidence of hidden or destructive behavior.

Before installing, confirm the command points to the bundled scanner.py on your machine, ensure Python dependencies are available, and treat returned market news as untrusted because HTTPS verification is disabled and rumor/news content can be inaccurate or market-sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Severity: Medium (81% confidence)

Finding: The news-scan triggers are broad enough to match ordinary financial conversation, causing the skill to invoke external retrieval in cases where the user may only want discussion or analysis. In a finance context, this increases the chance of unnecessary tool execution, over-collection of untrusted content, and surprising behavior around market-sensitive topics such as rumors and insider transactions.

Missing User Warnings

Severity: Medium (90% confidence)

Finding: The skill tells the agent to execute a local Python subprocess for ticker lookup without any disclosure or warning to the user. Undisclosed subprocess use is risky because it expands the trust boundary to local code execution and may process user-derived input, making failures, misuse, or downstream command-handling bugs harder to detect and govern.

Missing User Warnings

Severity: Medium (92% confidence)

Finding: The skill invokes a local Python subprocess to retrieve news, including user-influenced keywords, without notifying the user. This is more dangerous in context because the content involves rumors and market-moving information from external sources, so hidden execution and retrieval can amplify misinformation, surprise the user, and expose the system to untrusted inputs.

VirusTotal

66/66 vendors flagged this skill as clean.