ClawHub

A-Share DCF Valuation

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate local A-share valuation report generator, with ordinary cautions around protecting the Tushare token and controlling where reports are written.

Install dependencies in a virtual environment, protect and rotate the Tushare token as you would any API key, and consider setting TUSHARE_TOKEN only for the command or storing it in a restricted secret store instead of a shell profile. Confirm OPENCLAW_WORKSPACE before running, and review generated valuation reports before using them for investment decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Tainted flow: 'report_path' from os.getenv (line 852, credential/environment) → open (file write)

Medium
Category
Data Flow
Content
# 写入文件
os.makedirs(REPORTS_DIR, exist_ok=True)
report_path = os.path.join(REPORTS_DIR, f'dcf_{COMPANY_NAME}_{TODAY}.md')
with open(report_path, 'w', encoding='utf-8') as f:
    f.write(report)

print(f"\n  报告已保存: {report_path}")
Confidence
88% confidence
Finding
with open(report_path, 'w', encoding='utf-8') as f:

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill instructs use of environment variables and writing reports to the local filesystem, but does not declare any permissions or capability expectations. This creates a transparency and consent problem: users or orchestrators may invoke a skill that reads secrets from the environment and writes files without an explicit permission model, increasing the risk of unauthorized secret use or unintended data persistence.

Session Persistence

Medium
Category
Rogue Agent
Content
1. **Configure Tushare Token**:
   ```bash
   # Add to ~/.bashrc or ~/.bash_profile
   export TUSHARE_TOKEN="your_token_here"
   source ~/.bashrc
   ```
Confidence
81% confidence
Finding
Add to ~/.bashrc

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal