ClawHub

Financial Fraud Analyzer Lite

Security checks across malware telemetry and agentic risk

Overview

This is a financial-analysis skill with simple local calculator scripts; the main caution is that some documented batch and reference workflows are missing or incomplete.

Use this for local financial risk screening on data you intentionally provide. Treat batch SEC EDGAR mode as incomplete until you review or supply the missing fetch script, and confirm any network fetching before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill invokes local files such as `references/...`, `data.json`, and writes to `tmp/beneish_batch_results.json`, but the manifest does not declare the corresponding file permissions. This creates a capability mismatch: an agent may read or write local data without transparent user consent or runtime gating, increasing the risk of unintended data exposure or unsafe file access.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill directs the agent to execute local Python scripts and shell commands as part of normal operation, but the manifest and instructions do not justify or constrain that execution boundary. This is dangerous because script execution can expand the attack surface to arbitrary code paths, local environment data, dependency abuse, and side effects that go beyond simple financial analysis.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs automatic retrieval from SEC EDGAR and local file output without any user-facing warning, consent step, or clear disclosure of network and filesystem side effects. In practice this can cause silent external requests, leak user interest patterns or identifiers to third parties, and create unanticipated local artifacts containing sensitive analysis inputs or results.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal