ClawHub

stock-industry-analyzer

Security checks across malware telemetry and agentic risk

Overview

This stock-analysis skill is not destructive or credential-stealing, but it can present mock or randomized financial data as real analysis and should be reviewed before use.

Install only in an isolated Python environment and do not use the generated reports for trading or investment decisions unless you first verify the data sources and replace or clearly label mock/static news and randomized indicators. Enable cron only if you want recurring local analysis and review the SQLite/report data it accumulates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (9)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
`run_once()` is documented as "not storing", but `StockAnalyst()` initialization already calls `init_db()` and writes a log entry via `self.db.log(...)`. This creates an integrity/privacy mismatch: operators may choose `--once` expecting no persistence, yet the tool still performs database writes, which can violate user expectations or operational policy.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The function claims to return real stock data via akshare, but on failure it silently falls back to fabricated values and still produces actionable analysis. In a financial analysis skill, presenting simulated market data as if it were suitable for trading decisions can mislead users and downstream agents into making unsafe financial decisions based on false premises.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The backup path generates prices, technical indicators, and scores using random values rather than market history, yet returns them in the same structure as genuine analysis. This is dangerous because it creates deceptive analytical output that looks authoritative and may be consumed by users or other components as legitimate financial intelligence.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The module claims to fetch real news from AkShare, yfinance, and NewsAPI, but the implementation only emits hardcoded templates and mock data while labeling some items as "realtime". In a financial-analysis skill, this is dangerous because downstream users or agents may make decisions based on fabricated or stale content presented as authentic market news.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill states that it should automatically trigger whenever a user requests stock or industry analysis, which is a broad condition that can overlap with ordinary conversational requests. In an agent environment, this can cause unintended execution, unnecessary external data access, or actions being taken without clear user intent or confirmation.

Unpinned Dependencies

Low
Category
Supply Chain
Content
akshare>=1.12.0
pandas>=1.5.0
jieba>=0.42.0
yfinance>=0.2.0
Confidence
96% confidence
Finding
akshare>=1.12.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
akshare>=1.12.0
pandas>=1.5.0
jieba>=0.42.0
yfinance>=0.2.0
Confidence
93% confidence
Finding
pandas>=1.5.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
akshare>=1.12.0
pandas>=1.5.0
jieba>=0.42.0
yfinance>=0.2.0
Confidence
95% confidence
Finding
jieba>=0.42.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
akshare>=1.12.0
pandas>=1.5.0
jieba>=0.42.0
yfinance>=0.2.0
Confidence
95% confidence
Finding
yfinance>=0.2.0

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal