Finance Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local finance-tracking CLI that stores sensitive finance data locally and uses live exchange-rate lookups, with no evidence of hidden exfiltration or destructive behavior outside its purpose.

Install only if you are comfortable keeping expense, income, goal, asset, and exchange-rate cache files in ~/.finance-tracker. Be careful before asking an agent to run delete, undo, edit, asset removal, goal removal, or recurring process commands, especially if adding recurring processing to automation. Currency features may contact external exchange-rate services.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding: The skill instructs users to run `finance recurring process` automatically via heartbeat, which causes transactions to be created without an explicit warning that local financial records will be modified. In a finance-tracking context, silent or background mutation of expense data can lead to incorrect logs, duplicate entries, and loss of user trust, especially if the command is scheduled unattended.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding: The skill advertises live exchange rates and automatic refresh every 6 hours but does not disclose that this likely performs outbound network requests and may transmit metadata such as IP address, timing, locale, or queried currencies. In a personal finance skill, undeclared network activity is more sensitive because it relates to spending and currency behavior, which users may reasonably expect to remain local.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The code persists highly sensitive financial portfolio and income data to predictable local JSON files under the user's home directory without any disclosure, consent, access control hardening, or encryption. In a finance-tracking skill, this increases privacy risk because other local users, malware, backups, or synced directories may expose detailed financial information.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding: The process_due flow automatically converts all due recurring items into stored transactions by calling log_recurring() without any user confirmation, dry-run mode, or visible warning. In a finance-tracking context, this can silently mutate financial records, create duplicate or unexpected entries if invoked by automation, and reduce user trust in ledger integrity.

VirusTotal

63/63 vendors flagged this skill as clean.