ClawHub

Astock Top Gainers

Security checks across malware telemetry and agentic risk

Overview

This stock-ranking skill appears mostly narrow, but a README changelog reference to SSRF bypassing is purpose-mismatched enough to require review before installation.

Install only if you can inspect the full skill and confirm it does not implement SSRF bypasses, arbitrary URL fetching, proxying, redirect abuse, or access to internal/private network addresses. The stock-ranking function itself is expected, but the SSRF-related changelog wording should be clarified or removed before treating the skill as routine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The changelog entry claiming '优化SSRF策略绕过方案' is highly inconsistent with a stock-gainer query skill and strongly suggests development or inclusion of functionality intended to evade SSRF protections. In a skill that likely fetches external data, this language is a serious red flag because it may indicate hidden network access abuse or deliberate bypass of platform safeguards.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases include broad, natural-language expressions like “涨幅最大的股票”, “哪些股票涨得最多”, and “最近涨得好的股票”, which can match casual market discussion rather than a clear request to invoke this specific skill. Overbroad activation can cause the agent to browse external sites and return financial rankings when the user may have intended general commentary, creating unnecessary external access and action misfires.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The usage section lists examples of when to trigger the skill, but does not define clear non-trigger conditions or boundaries. Without explicit scope limits, the agent may invoke the skill for loosely related stock-performance questions, increasing the chance of unintended browsing, user-confusing behavior, and retrieval of external financial data when not necessary.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal