Catalyst Edge

Security checks across malware telemetry and agentic risk

Overview

This is a personal stock and retirement tracker, but it bundles private financial records and can post financial information to Discord without enough scoping or user control.

Install only if you are the intended user and you trust the configured Discord destination. Before running it, remove or redact bundled personal financial records, rotate the exposed API key, move credentials and Discord targets into private configuration, and add an explicit confirmation/redaction step before any financial details are posted externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Natural-Language Policy Violations

High
Confidence: 99%
Finding
This document contains highly sensitive personal financial information, including full names, a bank account number, cash flow details, benefits information, debt indicators, and family-related circumstances. Exposing this data in an agent skill or broadly accessible document creates a serious privacy and security risk, enabling financial fraud, targeted phishing, identity theft, and social engineering.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly instructs posting net worth, portfolio changes, overdue financial action items, and milestone events to a Discord channel, which exposes sensitive financial data to a third-party platform and potentially broader audiences than intended. Even if the channel is private, Discord is not described here as a controlled vault for financial records, and the skill provides no consent, minimization, or privacy warning before transmitting personal financial information.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill directs the agent to read a personal life archive and incorporate that context into a financial review workflow without any boundary on what personal data may be used or disclosed. This creates a real risk of over-collection and secondary use of sensitive personal information, which could then be surfaced in Discord outputs or persisted into portfolio documents without the user's informed awareness.

Missing User Warnings

Medium
Confidence: 95%
Finding
The file gives concrete, user-directed investment actions such as 'keep adding,' 'reduce,' and 'watch for dip entry' without any warning that the content is not personalized financial advice and that investing carries risk. Because the skill is framed as actionable portfolio guidance for a named user ('JB') with alerting behavior, users may treat it as authoritative advice and act on it without understanding suitability, volatility, or loss risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill embeds a live Alpha Vantage API key in source code and automatically transmits it in outbound requests. Hardcoded secrets are dangerous because anyone with access to the skill can extract and reuse the key, causing unauthorized consumption, rate-limit exhaustion, account abuse, and making secret rotation difficult; the skill context increases concern because it is explicitly designed to make live external calls.

VirusTotal

65/65 vendors flagged this skill as clean.
