Back to skill

Security audit

Cn Security Code Resolver Openclaw Skill

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but users should know each lookup term is sent to Eastmoney’s public search API.

Install if you are comfortable with Chinese security names, watchlist entries, or portfolio constituents being sent to Eastmoney for code resolution. Avoid using it on confidential portfolios unless that disclosure is acceptable, and prefer asking for confirmation when results are ambiguous.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to run a bundled Python script that queries Eastmoney's public API, which is a real network capability, but the skill metadata does not declare any corresponding permission. Undeclared network access is dangerous because it bypasses user and platform expectations, can exfiltrate task data in requests, and makes the skill's behavior less auditable even if the stated use case is legitimate security-code resolution.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends raw user-provided security name queries to Eastmoney's third-party search API, which exposes user input outside the local environment without any disclosure, consent, or minimization. While the data is not inherently secret in many cases, portfolio constituents, watchlists, or research targets can be sensitive and may reveal trading intent or proprietary information.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.