Google Finance Stock Tracker

Security checks across malware telemetry and agentic risk

Overview

This stock-tracking skill is purpose-aligned and disclosed, but users should treat its buy/sell signals as rough informational output and understand it stores a local watchlist.

Install only if you are comfortable with ticker symbols being queried against public finance sites and saved in a local OpenClaw state file. Do not rely on the generated BUY/SELL signals as financial advice, and enable cron or Slack reporting only when you intentionally want recurring reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 94%
Finding
The skill promises stock/news monitoring, alerts, scheduling support, and buy/sell recommendations, but the described implementation does not clearly provide several of those behaviors and adds local state management that is not prominently declared in the top-level purpose. This mismatch is dangerous because users and orchestrators may grant trust, invoke the skill automatically, or rely on outputs under false assumptions about what data is fetched, how alerts work, and what actions occur on their system.

Vague Triggers

Medium
Confidence: 80%
Finding
The trigger phrases are broad enough to match ordinary financial discussion such as 'buy or sell' or 'stock news,' increasing the chance of accidental invocation. In a skill that performs network access and local file writes and can encourage cron-based automation, overbroad triggering can cause unintended execution, noisy alerts, or misleading financial recommendations to be produced without clear user intent.

VirusTotal

63/63 vendors flagged this skill as clean.
