ClawHub

A Stock Trading Signals

Security checks across malware telemetry and agentic risk

Overview

This paid stock-signal skill is a review item because it advertises real-time A-share/HK-stock signals, but the supplied API code appears to return hard-coded demo data and does not match the advertised endpoints.

Read this carefully before installing or paying. Confirm with the publisher that the deployed endpoint actually uses live market data, supports the advertised markets and routes, and enforces x402 as described. Only use it with explicit per-call payment approval and do not treat its stock outputs as investment advice unless the data source and freshness are independently verified.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill metadata and description advertise real-time A股/港股 quantitative screening and paid API-backed signal generation, but the documented behavior indicates a different implementation, including mock/hardcoded results and incomplete market support. In a paid financial context, this is dangerous because users or agents may rely on inaccurate capabilities, spend funds via x402, and make trading decisions based on misleading or non-functional output.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The file advertises paid x402-gated access, but the /signals endpoint never enforces payment verification before returning data. This creates a clear payment bypass: clients can access the supposedly paid service for free, undermining revenue controls and any trust assumptions about paid-only access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal