Finance Search Agent

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only research helper that may create and submit persistent research log/report documents. Its wording is broad, but it involves no code, credential use, or destructive behavior.

Use this skill only if you are comfortable with a research agent performing web research and writing persistent wiki log/report documents. Avoid entering confidential financial, personal, or business information unless retention is acceptable, and verify important financial claims against official filings, regulator pages, or trusted market-data sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The skill is declared as a finance search agent, but the body defines a broad generic research workflow for arbitrary topics, creating a capability/intent mismatch. This can cause the agent to activate outside its expected domain and perform actions a user or platform would not reasonably associate with a finance-only skill, increasing the risk of unauthorized research and data handling.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The instructions require creating, appending, and submitting wiki documents, which adds persistent document-management behavior beyond the stated finance search purpose. Unnecessary write and submission capabilities expand the attack surface by enabling data exfiltration, unintended retention of sensitive research content, or misuse of attached files in final submissions.

Vague Triggers

Medium
Confidence: 84%
Finding
The skill description and overview are overly broad and lack specific activation constraints, examples, or domain boundaries. Ambiguous scoping makes accidental or opportunistic invocation more likely, which is especially concerning here because the embedded instructions authorize broad research and document-writing behavior.

VirusTotal

66/66 vendors flagged this skill as clean.
