ClawHub

A股短线交易决策 A Share Short Term Decision

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent A-share market-analysis tool that writes local reports/logs and can optionally update its own config, with no evidence of deception, exfiltration, or trading-account control.

Install it in an isolated environment, review or pin akshare and pandas if reproducibility matters, and enable the scheduler only if you want recurring market scans. Do not use --apply-to-config unless you intentionally want to change future screening behavior, and treat the generated recommendations as automated market research rather than personal financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill advertises executable workflows that invoke local Python programs and explicitly writes artifacts to `data/decision_log.jsonl` and other files under `data/`, yet it declares no permissions. This mismatch can cause the host or user to underestimate the skill's ability to read environment data and perform filesystem I/O, which is a security-relevant transparency failure even if the described use case is legitimate.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs the agent to run a script that writes artifacts under `data/` and optionally applies the optimized settings to the runtime configuration, but it does not warn the user that files will be created or modified. In an agent setting, undisclosed file writes and config mutation are risky because they can change later trading behavior, overwrite expected state, or cause the agent to perform side-effecting actions without informed user consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal