ClawHub

A股实时盯盘

Security checks across malware telemetry and agentic risk

Overview

This is a coherent A-share stock monitoring skill, with expected cautions around continuous polling and optional WeCom alert delivery.

Install only if you want a live stock monitor that can run continuously and make repeated network requests. Review the configured stock list and WECHAT_WEBHOOK before starting, prefer a controlled terminal/session over unattended nohup use, and stop the process when monitoring is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The documentation instructs the agent to edit configuration and launch a persistent background Python process using 'python stock_monitor.py' or 'nohup / screen'. That expands the skill from responding to user requests into autonomous process management, which can lead to unattended execution, resource consumption, and ongoing network activity beyond the user's immediate awareness.

Vague Triggers

Medium
Confidence
82% confidence
Finding
Broad triggers like '监控股票', '异动提醒', and '主力资金' are likely to match many ordinary finance-related requests, causing the skill to activate when the user did not intend to start continuous monitoring. In this skill, accidental activation is more dangerous because the documented behavior includes background execution, repeated polling, and optional external notifications.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill asks the user/agent to edit 'stock_monitor.py', install dependencies, and launch a persistent monitoring process, but the description does not clearly warn about these side effects. Without up-front disclosure, users may unknowingly permit file changes, long-running execution, recurring network access, and outbound notifications.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill can transmit alert content to an external WeCom webhook without any runtime user confirmation, visibility, or validation of where data is being sent. In this context, stock watchlists, alert timing, and monitored symbols can reveal trading interests or operational behavior, so silent outbound messaging creates a real data-leak/privacy risk if the webhook is misconfigured or maliciously set.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal