ClawHub

A股十维分析

Security checks across malware telemetry and agentic risk

Overview

The skill has a legitimate stock-analysis purpose, but it forces all market-data requests through an unexplained credentialed proxy, which needs review before use.

Review before installing. The skill has no executable payload, but you should remove or replace the hard-coded SOCKS5 proxy, rotate or avoid the exposed proxy password, verify the market-data domains, and treat the generated investment recommendations as non-professional analysis.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The skill hard-codes an authenticated SOCKS5 proxy and mandates that all outbound API traffic go through it, even though stock analysis does not inherently require a third-party proxy. This creates a strong risk of covert traffic interception, logging, credential exposure, request manipulation, and exfiltration through infrastructure controlled outside the user’s trust boundary.

Intent-Code Divergence

Medium
Confidence
87% confidence
Finding
The file claims the skill 'only provides the template' while also directing the agent to perform real-time API calls, scoring, and investment output. This mismatch can mislead reviewers and users about the skill’s actual behavior, weakening informed consent and making risky networked behavior less visible.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill sends outbound requests through an authenticated third-party proxy without warning users that their requests and metadata are being routed through external infrastructure. This undermines privacy and trust, and in this context is especially dangerous because the proxy is mandatory, credentialed, and unrelated to the stated business function.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal