Claw Screener

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed stock-screening skill that fetches public market data and stores local caches, with the main caution being its pipe-to-shell Bun installer guidance.

Before installing, confirm you are comfortable with a financial-analysis tool making network requests to public market-data sources and writing local watchlist/cache files. Install Bun through a safer trusted channel or inspect the installer first instead of blindly running the pipe-to-shell command. Treat the screening output as informational, not financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill explicitly documents network-dependent behavior by fetching SEC EDGAR, Yahoo Finance, and Bun installation content, yet the metadata declares no environment requirements or permissions reflecting outbound network access. This creates a transparency and policy-enforcement gap: users or hosting systems may treat the skill as lower risk than it is, despite it requiring internet connectivity and processing remote data.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
This file materially diverges from the declared skill purpose: instead of a Williams %R + Buffett-style screener, it implements a different 'Compounding Machine' strategy with Carlson scoring, buyback and margin filters, yield analysis, and DCF valuation. In an agent skill ecosystem, this kind of manifest-to-code mismatch is dangerous because users and orchestrators may grant trust, invoke the skill, or interpret outputs under false assumptions, leading to stealthy capability substitution and incorrect financial decisions.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The code retrieves historical price and dividend series to compute dividend-yield analytics, while the manifest emphasizes Williams %R oversold screening; that means a core advertised screening dimension is absent or replaced. This is risky in a financial-analysis skill because downstream users may believe they are receiving a momentum/oversold signal when they are actually receiving a different valuation-oriented analysis, causing silent misuse of the tool.

External Script Fetching

High
Category
Supply Chain
Content
```bash
# macOS/Linux
curl -fsSL https://bun.sh/install | bash

# Windows (PowerShell)
iwr https://bun.sh/install -outfile "install.ps1"; ./install.ps1
```
Confidence
98% confidence
Finding
curl -fsSL https://bun.sh/install | bash

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# macOS/Linux
curl -fsSL https://bun.sh/install | bash

# Windows (PowerShell)
iwr https://bun.sh/install -outfile "install.ps1"; ./install.ps1
```
Confidence
99% confidence
Finding
| bash

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal