ClawHub

stock_data

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed stock-data fetcher that contacts SimplyWall.st for ticker analysis, with some metadata and routing caveats but no evidence of hidden, destructive, or credential-seeking behavior.

Before installing, understand that using this skill sends ticker and exchange lookups to SimplyWall.st and returns third-party financial data that should be verified independently before making investment decisions. Prefer explicit ticker and exchange inputs, and ensure aiohttp is installed from a trusted source if the runtime does not already provide it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill explicitly performs direct HTTP fetching from an external site, yet the manifest declares no permissions or requirements. This creates a transparency and policy-enforcement gap: a caller or platform may treat the skill as lower risk than it is, while it can still access remote content and introduce data exfiltration, prompt-injection, or unreviewed dependency-on-network behavior. In this context, the risk is real because the skill is designed around live remote retrieval from SimplyWall.st.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The description says to use the skill for broad categories like stock prices, valuation, financials, dividends, or investment analysis for any global stock, which overlaps heavily with common finance queries. Overbroad activation criteria can cause the agent to invoke this networked skill in situations where it is unnecessary or where a safer/local response would suffice, increasing exposure to untrusted remote content and inconsistent behavior. Because this skill fetches third-party web data, unclear boundaries make misrouting more dangerous than for a purely local tool.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The 'When to Use' section lists vague triggers such as investment analysis or stock thesis generation without constraints, exclusions, or required user intent signals. This ambiguity can lead to over-invocation of a network-capable skill, unnecessarily sending queries into a workflow that depends on remote HTML parsing and third-party content. In a finance context, that can also amplify reliability and compliance issues if users receive externally sourced analysis when they asked for general guidance.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal