Conditional-Order Investment Assistant (条件单投资助手)

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed investment-assistance tool that fetches public market data and produces conditional-order suggestions, with no evidence of hidden access, credential use, trade execution, or persistence.

Install only if you want an agent to provide general ETF/stock conditional-order ideas. Treat its parameters as educational starting points, verify the instrument, price, premium, and risk yourself, and do not provide broker credentials or rely on it as personalized financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The output recommends trading strategies for an unrecognized code ('999999') and even labels it as '未知 | 股票', despite the skill metadata limiting use to ETF-oriented conditional-order assistance and explicitly requiring confirmation of the instrument type first. This can mislead users into placing inappropriate orders on the wrong asset class, especially because the strategy advice is presented as actionable despite missing basic identification data.

Description-Behavior Mismatch

Medium
Confidence: 79%
Finding
The skill manifest says it is not suitable for futures/options, yet the reference database includes '159980 有色期货 ETF'. Even though this is an ETF, its exposure is explicitly futures-linked, which can bypass the tool's stated safety boundary and lead the agent to provide guidance on higher-risk products it was supposed to exclude.

Vague Triggers

Medium
Confidence: 83%
Finding
The trigger conditions are broad and include common conversational phrases such as asking how to invest, configure conditional orders, or analyze an ETF, plus heuristic activation on a stock code combined with an investment question. This can cause unintended activation in loosely related conversations, leading the skill to provide financial-strategy guidance when the user did not explicitly request this tool, which is especially sensitive in an investment context.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger conditions are broad enough to activate on generic investing questions, which can cause the agent to provide product-specific financial strategy guidance outside the narrowly intended scope. In a finance-related skill, over-triggering is risky because it may lead users to receive automated recommendations without sufficient suitability checks, risk profiling, or confirmation that the tool applies to their situation.

Missing User Warnings

Medium
Confidence: 94%
Finding
The notes explicitly acknowledge that the disclaimer is misplaced, yet no upfront warning is actually provided before financial-strategy recommendations are generated. For an investing skill that suggests conditional-order parameters, missing or delayed disclosure increases the chance that users treat the output as personalized financial advice and act without understanding risks, limitations, or data reliability issues.

VirusTotal

65/65 vendors flagged this skill as clean.
