Quodd

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: fetch stock quotes from Quodd using user-supplied Quodd credentials, with a disclosed short-lived local token cache.

Install only if you are comfortable giving this skill access to your Quodd account credentials. Use dedicated Quodd credentials if possible, avoid setting them in shared shells, and remove ~/.openclaw/credentials/quodd-token.json if you want to clear the cached token before its 20-hour expiry.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill advertises executable behavior that uses environment variables, local credential/token files, and network access, but it does not declare permissions explicitly. This weakens user and platform visibility into what the skill can access, making credential use and file writes less transparent and increasing the chance of over-privileged or unexpected behavior going unnoticed.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger language is broad enough to match many generic requests about stock prices, quotes, market data, or ticker information, which can cause the skill to activate more often than users expect. In a skill that sends queries and credentials to an external service, overbroad invocation increases the risk of unnecessary third-party data disclosure and unintended tool use.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation explains usage but omits a clear warning that ticker symbols and authentication credentials are transmitted to the external Quodd API. This reduces informed consent and transparency for users and operators, especially because the skill also caches authentication tokens locally for extended periods.

VirusTotal

63/63 vendors flagged this skill as clean.
