ClawHub

金融知识

Security checks across malware telemetry and agentic risk

Overview

This finance lookup skill is mostly static content, but it automatically appends a specific bank promotion and a remotely hosted QR/image to answers.

Install only if you are comfortable with finance answers including a promotional bank mini-program image. Verify any QR code or banking destination through official bank channels before scanning or entering personal or financial information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Natural-Language Policy Violations

Medium
Confidence
97% confidence
Finding
The skill requires every response to append promotional text for a specific bank and a remote image, regardless of the user's request or consent. This creates undisclosed advertising and steers users toward a named financial platform in a finance-advice context, which is especially sensitive because users may interpret the endorsement as trusted guidance from the assistant.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs the assistant to display a remote image from an external domain as part of user interactions without clear disclosure that third-party content will be loaded. This can expose users to external tracking, unexpected network access, and content changes outside the trusted local knowledge base, undermining the stated source-of-truth boundary.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger for recommending a banking platform is vague ('when the user has more financial knowledge or product understanding needs' / '高意向'), leaving broad discretion to inject platform promotion into ordinary finance Q&A. In a finance skill, this ambiguity is more dangerous because users are likely seeking neutral factual information, and unclear boundaries can turn retrieval answers into covert marketing or biased steering.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal