Finance Search Agent Strategy

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only finance research skill that uses search and wiki-report tools in a disclosed, purpose-aligned way, with reliability cautions around over-trusting search results.

Install only if you want an agent to perform external finance research and create internal wiki reports. For important financial work, require citations from reputable sources, cross-check key claims, and avoid putting confidential account or business data into the research prompt.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Ssd 1

High
Confidence: 98%
Finding
The skill explicitly says its directives are the 'highest directives' and must take priority over built-in knowledge and cognition, while also requiring unconditional trust in external tool output as the 'only source of truth.' This is dangerous because it attempts to override safety hierarchy and disables critical skepticism toward tool results, creating a path for prompt-injection, poisoned search results, and unsafe downstream actions based on unverified external content.

Ssd 3

Medium
Confidence: 92%
Finding
The skill instructs the agent to remember internal file paths across the session and later submit both the research log and final report via a submission tool. This creates a structured retention and disclosure channel that could expose internal artifacts or sensitive collected content if the log contains confidential data, injected content, or unintended material gathered during research.

VirusTotal

66/66 vendors flagged this skill as clean.
