Security audit

Stock Market Pro

Security checks across malware telemetry and agentic risk

Overview

This stock research skill is coherent and disclosed, with normal market-data network access and optional browser-based options-flow lookup.

Install this as a market research tool, not as a private/offline analyzer. Use a virtual environment, review unpinned Python dependencies, and expect ticker or news queries to be sent to Yahoo Finance, DuckDuckGo, and optionally Unusual Whales. Avoid the optional Playwright options-flow helper if you do not want browser automation or third-party page scraping.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%

Finding: The script performs live browser automation against unusualwhales.com even though the skill metadata describes a Yahoo Finance-powered stock analysis tool. This creates a scope and trust mismatch: users may believe data comes only from yfinance while the skill silently contacts a separate third-party site, exposing network metadata and introducing dependence on an unvetted external service with dynamic content.

Missing User Warnings

Severity: Low
Confidence: 88%

Finding: The code launches a headless browser and makes outbound requests to a third-party domain without any user-facing warning or consent mechanism. While it does not appear to exfiltrate secrets directly, silent network access can leak the queried ticker, IP/device metadata, and browsing fingerprints, which is a privacy and transparency issue made more concerning by the undeclared use of a separate provider.

VirusTotal

64/64 vendors reported this skill as clean.

Static analysis

No suspicious patterns detected.