investment-data

Security checks across malware telemetry and agentic risk

Overview

This skill should be reviewed because it presents itself as real investment-data tooling while core APIs return fake or placeholder data and its downloader extracts an unverified remote archive.

Treat this as unfinished tooling, not a trustworthy source of financial data. Do not rely on its returned prices, limits, stock lists, or index data for trading, backtesting, reporting, or automated decisions until real data-loading code replaces the placeholders. If using the downloader, run it in a controlled directory and verify or harden the downloaded archive before extraction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill advertises executable behaviors that use environment variables, network access, and shell commands, but it does not declare permissions or clearly bound those capabilities. In an agent framework, undeclared capabilities reduce transparency and can lead to unexpected downloads, local writes, and command execution beyond what a user reasonably expects from a data-query skill.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The documented purpose emphasizes investment data access, but the skill also downloads archives from remote sources, extracts them locally, exports files, and invokes local subprocess-style update workflows. That mismatch is dangerous because users may authorize a seemingly read-only data skill without realizing it performs network retrieval, local filesystem modification, and command execution.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The skill claims to provide high-quality investment data, but get_stock_daily returns synthetic random values while presenting them as stock market data. In a finance context, fabricated output can directly mislead downstream decisions, backtests, and automated strategies, creating a serious integrity and trust violation.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
Multiple advertised capabilities are stubbed or return placeholder values and empty DataFrames despite the skill description promising supported investment datasets. In this context, users may rely on these outputs as genuine market data, leading to incorrect analytics, trading logic, or compliance reporting.

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The documentation asserts high-quality investment data support while the implementation knowingly uses example and placeholder outputs. That mismatch is dangerous because it invites users and agents to treat fabricated or incomplete data as authoritative financial information.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The markdown promotes automatic downloads and daily updates but does not prominently warn that these actions write to local storage and modify persisted datasets. In practice, silent or poorly disclosed local writes can surprise users, overwrite existing data, consume disk space, and create supply-chain exposure from remote content ingestion.

Missing User Warnings

Low
Confidence
76% confidence
Finding
The skill instructs users to provide a Tushare token via environment variable but gives no guidance on secure handling, storage, or logging of that credential. While common, undocumented credential handling can lead to accidental exposure in shell history, shared environments, logs, or exported configs.

VirusTotal

64/64 vendors flagged this skill as clean.
