ClawHub

大虾皮股市工具集

Security checks across malware telemetry and agentic risk

Overview

This is a coherent A-share financial data routing skill, but users should handle API tokens carefully and treat investment-oriented outputs as informational.

Install only if you want a Daxiapi/A-share financial-data router. Do not paste real API tokens into shared chats, logs, screenshots, or command histories; prefer environment variables or a secure local secret store and rotate any exposed token. Review downstream specialist skills and the daxiapi CLI before running commands, and treat stock-selection, buy/sell,定投, or止盈 guidance as non-personalized information, not financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill metadata declares very broad trigger phrases such as generic market/stock analysis terms, which can cause this routing skill to activate for loosely related requests. In an agent system, over-broad activation can misroute user intent, suppress more appropriate skills, and unnecessarily expose users to token setup or command guidance they did not ask for.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The routing table uses ambiguous natural-language keywords like '市场分析', '今天市场怎么样', and '个股分析' without sufficient scope checks. That makes the skill prone to false matches and unintended downstream skill invocation, which is especially risky because this file is a top-level router that can influence many subsequent actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The token configuration section instructs users to read and set API tokens, including passing the token directly on the command line, but does not warn about shell history, logs, screenshots, or least-privilege handling. Credentials exposed via CLI arguments or casual copy/paste can be captured by shell history, process listings, terminal recording, or support logs, leading to unauthorized API use.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document instructs users to send authenticated requests with a bearer token and user-supplied stock/query parameters to an external service, but it does not clearly warn that tokens are sensitive credentials or that request contents are transmitted off-platform. In an agent-skill context, this omission can lead to unsafe handling of secrets and unintentional disclosure of user queries or financial interest data to a third party.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The third-party API section provides direct external endpoints and sample calls to Eastmoney, Jisilu, and Tonghuashun, but it does not warn that these are separate providers with independent privacy practices, availability, and terms-of-use constraints. In a skill environment, users may assume these endpoints are first-party or vetted, increasing the risk of sending data to unreviewed external services and creating compliance or reliability issues.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal