ClawHub

CANSLIM-Top100-US

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent stock-screening tool that fetches public market data and writes a local results file, with dependency-installation cautions but no evidence of hidden, destructive, credential-seeking, or exfiltration behavior.

Before installing, run this in a dedicated Python virtual environment, consider pinning or reviewing the dependency versions, and expect it to contact public market-data sources and write canslim_results.json. The output is a stock screen, not investment advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill declares no permissions even though its instructions clearly require network access and file creation/modification via dependency installation and generation of result files. This mismatch weakens transparency and consent boundaries, making it easier for an agent to perform side-effecting actions the user did not explicitly approve.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to install dependencies from a local requirements.txt without warning the user that this may modify the environment and execute untrusted package installation logic. Installing packages can introduce arbitrary code execution during install time, dependency confusion risk, or persistent environment changes, especially if the requirements are not pinned and vetted.

Unpinned Dependencies

Low
Category
Supply Chain
Content
yfinance
pandas
lxml
tqdm
Confidence
96% confidence
Finding
yfinance

Unpinned Dependencies

Low
Category
Supply Chain
Content
yfinance
pandas
lxml
tqdm
requests
Confidence
98% confidence
Finding
pandas

Unpinned Dependencies

Low
Category
Supply Chain
Content
yfinance
pandas
lxml
tqdm
requests
Confidence
99% confidence
Finding
lxml

Unpinned Dependencies

Low
Category
Supply Chain
Content
yfinance
pandas
lxml
tqdm
requests
Confidence
95% confidence
Finding
tqdm

Unpinned Dependencies

Low
Category
Supply Chain
Content
pandas
lxml
tqdm
requests
Confidence
98% confidence
Finding
requests

Known Vulnerable Dependency: lxml — 10 advisory(ies): CVE-2021-43818 (lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through); CVE-2014-3146 (lxml Cross-site Scripting Via Control Characters); CVE-2021-28957 (lxml vulnerable to Cross-Site Scripting ) +7 more

High
Category
Supply Chain
Confidence
93% confidence
Finding
lxml

Known Vulnerable Dependency: tqdm — 3 advisory(ies): CVE-2024-34062 (tqdm CLI arguments injection attack); CVE-2016-10075 (TDQM Arbitrary Code Execution); CVE-2016-10075 (The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to e)

High
Category
Supply Chain
Confidence
83% confidence
Finding
tqdm

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
95% confidence
Finding
requests

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal