Security audit

Silver Price Inquiry - 白银价格查询

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward silver-price lookup skill with a likely functionality bug, but no evidence of deceptive, destructive, or disproportionate behavior.

Install only if you are comfortable using JisuAPI for silver price data and providing a JISU_API_KEY. The current version appears to have a bug that may prevent successful authenticated requests, so users should expect possible API errors until the request parameter handling is corrected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The helper constructs an `all_params` dictionary containing the required `appkey`, but the actual `requests.get` call sends `params=params` instead. This means the API key is silently omitted from outbound requests, causing authentication failure and making the implementation behave differently from its apparent design and documentation.

Vague Triggers

Medium
Confidence: 76%
Finding
The activation guidance includes broad wording such as '或类似白银价格问题时' ('or similar silver price questions'), which can cause the agent to invoke this skill for loosely related prompts. Overly broad triggering can lead to unintended external API calls, unnecessary disclosure of user queries to a third-party provider, and incorrect tool selection when the user meant a different finance task.

Missing User Warnings

Medium
Confidence: 86%
Finding
The code performs an external network request while omitting the authentication parameter it intended to include, so user-supplied query data may still be transmitted to a third-party service even though the request will likely fail. In a skill context, this is undesirable because it leaks request metadata externally without achieving the expected authenticated API behavior.

VirusTotal

62/62 vendors flagged this skill as clean.