ClawHub

tushare

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Tushare financial-data helper whose network use, optional token, and local exports match its stated purpose.

Install this if you intend to use Tushare for financial data research. Provide TUSHARE_TOKEN only in an environment where you are comfortable letting the agent use your Tushare account and quota. When asking for exports, specify the output folder and filename, and treat generated market summaries as research support rather than investment advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill uses very broad natural-language trigger phrases such as vague conversational requests, which can cause the skill to activate when the user did not explicitly intend a financial-data workflow. Because this skill can make network requests and produce local exports, accidental activation can lead to unnecessary external data access, confusion, and unintended file generation.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The “When to use” section defines activation through many ambiguous examples without strong boundary conditions, increasing the chance of over-triggering on loosely related requests. In context, this is risky because the skill is network-enabled and may fetch third-party financial data or start analysis/export flows without sufficiently explicit user consent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly supports exporting CSV/Parquet files and returning local file paths, but it does not clearly state when files will be created or require explicit user confirmation before writing data. This can surprise users, create unwanted local artifacts, and potentially expose sensitive research outputs in shared environments.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The markdown explicitly instructs accessing external links to read API documentation, but provides no warning, consent boundary, or restriction on network use. In an agent setting, this can cause unapproved outbound requests, exposure to untrusted remote content, and indirect prompt-injection risk if fetched pages are later parsed or followed automatically.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal