ClawHub

Skills of A-share market data released by ft.tech.

Security checks across malware telemetry and agentic risk

Overview

This is a broad but coherent financial market data skill that mainly performs disclosed read-only API queries, with limited user-directed file downloads.

Install only if you are comfortable sending finance-related queries and parameters to the FT market-data services. Use explicit subskill intent for ambiguous macro questions, and choose download output filenames carefully because download handlers may overwrite files within their allowed directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
This file functions as a multiplexed router for several different skill families well beyond the named market-data scope. Such consolidation increases confusion, weakens least privilege, and makes it easier for benign-looking prompts to trigger unrelated capabilities, including file downloads and broader financial datasets.

Intent-Code Divergence

Medium
Confidence
87% confidence
Finding
The document inconsistently claims to be the unified router for multiple different skills. This ambiguity undermines operator understanding of what is actually being invoked and can cause accidental activation of broader capabilities than expected.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The invocation guidance is extremely broad, telling operators to use the skill for a wide range of market-related requests without clear exclusion rules. In a router that also supports shell-backed execution and file downloads, overbroad triggers increase the chance of unintended or overly privileged use.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The example utterances are generic enough to match many common finance questions, but the file does not include disambiguation steps or non-trigger examples. In a bundled router, that increases accidental routing into capabilities the user did not intend to invoke.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs saving downloaded XML/PDF/XLSX outputs to local files but does not warn about file creation, overwrite, or path-safety risks. Since the router executes local scripts and accepts output-path arguments, this creates a realistic risk of unintended local file modification or clobbering.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger description includes broad terms such as '信贷数据', '中国信贷', and especially '社会融资', which can overlap with adjacent macroeconomic data intents and cause the router to invoke this skill for queries that are not specifically about monthly China credit-loans data. This is not a code-execution issue, but it can misroute user requests and return incomplete or misleading financial information when a more specific skill should have been selected.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger description includes broad phrases like '固定资产投资', '固投', '中国投资', and 'China fixed asset investment', which can match user requests that are only loosely related to this specific monthly urban fixed-asset-investment dataset. In an agent-routing context, this can cause the wrong skill to activate, leading to inaccurate data retrieval or unintended tool use, though the impact here is limited because the skill is read-only market/economic data access.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrases are broad enough to match generic finance or tax-related queries such as '税收收入' or '中国税收', which may cause the agent to invoke this skill when the user intent is ambiguous or broader than monthly national tax revenue. This can lead to incorrect tool selection, irrelevant responses, or unintentional routing of user requests to an external data source.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal