broker-monitor

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed financial-reporting workflow that gathers public market data and writes report/workbook outputs, with no evidence of hidden credential access, exfiltration, or destructive behavior.

Install this only if you want an agent to generate brokerage and trading-ecosystem monitoring reports. Use a copy of any Excel workbook, review generated financial data and citations before relying on them, and ask the agent to confirm before running the full workflow when your request is only a simple market question.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger definition is very broad and includes generic finance phrases like 'weekly monitor', 'equity volume', and 'options volume', which can cause the skill to activate for unrelated user requests. Over-broad invocation is dangerous because it may route users into file-writing and report-generation behavior they did not intend, increasing the chance of unwanted data processing or misleading outputs.

Vague Triggers

Medium
Confidence: 89%
Finding
The 'When to Use' section lists many ambiguous activation conditions but does not define when the skill should not run. In context, this matters because the skill performs substantial data gathering, report generation, and file output, so accidental activation can lead to unnecessary processing and unintended modification workflows.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to read an uploaded Excel workbook and write a modified copy plus a generated report to output paths, but it does not require explicit user consent or provide a user-facing notice before modifying uploaded data artifacts. This is risky because users may not expect their uploaded workbook to be transformed or persisted into derivative files, especially when the skill auto-appends rows and creates sheets.

VirusTotal

65/65 vendors flagged this skill as clean.
