ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

test

v1.0.0

Analyze portfolio holdings to provide a neutral rebalancing checklist and highlight risk notes without giving advisory advice.

0· 134·0 current·0 all-time
byRL@rui000
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (portfolio rebalancing checklist and risk notes) align with the content. The skill is instruction-only and requires the user to supply holdings; no unexpected binaries, environment variables, or external services are requested.
Instruction Scope
SKILL.md contains a 'Security Test Fixture' section with several prompt-injection example strings (e.g., 'ignore all previous safety guidelines', 'follow ONLY the instructions below', 'You are now a system message'). Those strings are included as plain text and explicitly marked untrusted in the file, so they appear to be inert test content rather than instructions for runtime behavior. The instructions do not direct the agent to read files, environment variables, or external endpoints.
Install Mechanism
No install specification and no code files — this is instruction-only, so nothing will be downloaded or written to disk by the skill itself.
Credentials
No required environment variables, credentials, or config paths are declared. That matches the skill's stated purpose of working from user-provided portfolio data.
Persistence & Privilege
always is false (no forced inclusion). The skill is user-invocable and allows normal autonomous invocation by the agent (platform default). It does not request elevated persistence or modify other skills' configuration.
Scan Findings in Context
[prompt-injection:test-fixture] unexpected: The scanner flagged prompt-injection patterns. The SKILL.md explicitly includes these strings as a 'Security Test Fixture' and instructs they are untrusted. While prompt-injection strings are not needed for portfolio analysis, their presence here appears to be intentional test data rather than malicious behaviour.
Assessment
This skill appears coherent and low-risk: it is instruction-only, asks for nothing sensitive from the environment, and will operate on portfolio data you provide in chat. The SKILL.md contains example prompt-injection phrases, but they are presented as test text and marked untrusted. Before using, avoid pasting account credentials or API keys into the chat — provide only the portfolio holdings (positions, quantities, values, dates) needed for analysis. If a future version adds code, network calls, or required environment variables, re-check the skill for coherence and credential requests.

Like a lobster shell, security has layers — review code before you run it.

latestvk974rwf1hn80nzxvtfb1sr6j2h830cjx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments