Leapcat Skills

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Leapcat finance integration, but it enables real trades, IPO subscriptions, withdrawals, and KYC uploads without enough built-in confirmation and privacy guardrails.

Install only if you intentionally want an agent to operate a Leapcat financial account. Require explicit approval before every trade, IPO subscription or cancellation, withdrawal, KYC upload, legal agreement acceptance, or personal-info submission; verify amounts, symbols, project IDs, addresses, fees, and deadlines; log out when finished and protect the local token file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
This skill documents commands that place and cancel real IPO subscription orders but does not include an explicit warning that these actions can affect the user's brokerage account and funds. In an agent setting, omission of a clear confirmation/safety step materially increases the risk of unintended financial transactions, especially because the workflow presents execution as a routine next step after estimation.

Missing User Warnings

Medium
Confidence: 90%
Finding
This skill guides the agent to collect and transmit highly sensitive PII, including identity documents and personal information, but does not include an explicit warning, consent checkpoint, or safe-handling guidance for that data. In an agent context, this increases the risk that users may overshare, that the agent may echo or retain sensitive values in logs or chat history, and that uploads may be performed without the user fully understanding the privacy implications.

Missing User Warnings

Medium
Confidence: 91%
Finding
This skill provides direct instructions to place, monitor, and cancel real stock trading orders, including market orders, without any explicit warning that these actions can have immediate financial consequences and may be irreversible once executed. In an agent context, omission of risk disclosures and confirmation guidance increases the chance of accidental or poorly understood trades, especially when the skill is framed as routine CLI usage.

VirusTotal

65/65 vendors flagged this skill as clean.
