Personal Finance Tracker

Security checks across malware telemetry and agentic risk

Overview

This finance skill is mostly coherent, but it can change and delete personal finance records without clear confirmation or undo safeguards.

Install only if you are comfortable letting the agent operate on your personal finance database through the assistant CLI. Before use, confirm that delete actions require explicit approval with a preview of the exact record, and keep backups or an undo path for transaction and category changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The skill exposes destructive operations (`delete-transaction`, `delete-category`) even though its stated purpose is mainly recording and querying finances. Without clear justification, safeguards, or confirmation requirements, an accidental or manipulated invocation could irreversibly remove financial records or metadata, harming integrity and auditability.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger terms are broad and overlap with normal conversation, increasing the chance the skill activates when the user is not actually requesting a finance action. In a skill that can create, transfer, or delete financial records, over-triggering raises the risk of unintended state-changing operations from ambiguous language.

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation includes destructive delete operations with no warning, confirmation, or rollback guidance. In the context of personal finance data, silent deletion can destroy transaction history and categories, undermining balances, reports, and user trust; this is especially risky because the skill otherwise emphasizes concise action-oriented behavior.

VirusTotal

65/65 vendors flagged this skill as clean.
