Financial Market Data Collection Tool (金融市场数据采集工具)

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent financial-market data collector: its code does what a daily market-report collector would be expected to do, pulling from external data sources and writing local report files. The caveats are about clarity (an over-broad trigger, documentation that understates side effects) and reliability (a call to a helper that does not exist), not about hidden or malicious behaviour.

Install only if you want a network-heavy daily market-report collector and are comfortable providing any required search/API credentials. Review or adapt the external config.py path, output directory, log path, and broad trigger phrases before use, especially on systems where a simple quote query should not create local report files or contact multiple providers.

SkillSpector

By NVIDIA
Vulnerability Patterns (pattern families checked by the scanner)
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Severity: Medium. Confidence: 92%.
Finding
The policy-item filter calls an undefined helper `is_truncated(...)` instead of the implemented `is_truncated_content(...)`. Because Python resolves the name only when the filter runs, the module imports cleanly but the first call raises a NameError, which disables policy-item filtering. In this skill that either breaks market-data collection (availability) or, if an upstream `except` swallows the error and passes the batch through unfiltered, lets malformed or truncated policy content into the report (integrity). A static check such as pyflakes reports this as F821 (undefined name) before the skill is ever run.
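The two outcomes above (collection breaks, or truncated content passes through) depend entirely on how the caller handles the error. The following is an added illustration, not code from the skill: the sample items, the truncation heuristic, and the function names `filter_policy_items_buggy`, `filter_policy_items_fixed`, `collect_fail_open` and `collect_fail_closed` are all constructed for this example. Only `is_truncated_content` is a name the report itself mentions.

```python
"""Fail-open vs fail-closed handling of a filter that references an undefined helper.
Constructed example; not the scanned skill's code."""

# Constructed policy items as a collector might hand them to the filter.
# One item is cut mid-word, one carries an explicit truncation marker.
SAMPLE_ITEMS = [
    {"title": "Rate decision", "content": "The central bank held rates steady."},
    {"title": "Liquidity note", "content": "Open-market operations will contin"},
    {"title": "Bond issuance", "content": "Issuance schedule released ... [truncated]"},
]


def is_truncated_content(text: str) -> bool:
    """The implemented helper. The heuristic (sentence terminator or marker) is an assumption."""
    stripped = text.rstrip()
    if stripped.endswith("[truncated]"):
        return True
    return not stripped.endswith((".", "。", "!", "?", "！", "？"))


def filter_policy_items_buggy(items):
    """Mirrors the reported defect: the helper name used here was never defined.
    The module still imports; the NameError only fires when this runs (pyflakes: F821)."""
    return [item for item in items if not is_truncated(item["content"])]  # noqa: F821


def filter_policy_items_fixed(items):
    """Corrected call to the helper that actually exists."""
    return [item for item in items if not is_truncated_content(item["content"])]


def collect_fail_open(items, filter_fn):
    """Weak upstream handling: any exception in the filter lets the whole batch through,
    so truncated policy text lands in the report as if it had been vetted."""
    try:
        return filter_fn(items)
    except Exception:
        return list(items)


def collect_fail_closed(items, filter_fn):
    """Hardened handling: a broken filter stops the run and surfaces the cause
    instead of silently degrading report integrity."""
    try:
        return filter_fn(items)
    except NameError as exc:
        raise RuntimeError(f"policy filter is broken, refusing to emit report: {exc}") from exc


if __name__ == "__main__":
    print("fail-open + buggy filter :", [i["title"] for i in collect_fail_open(SAMPLE_ITEMS, filter_policy_items_buggy)])
    print("fail-open + fixed filter :", [i["title"] for i in collect_fail_open(SAMPLE_ITEMS, filter_policy_items_fixed)])
    try:
        collect_fail_closed(SAMPLE_ITEMS, filter_policy_items_buggy)
    except RuntimeError as err:
        print("fail-closed + buggy filter:", err)
```

The combination to worry about is the first one: the buggy filter under a broad `except` returns all three items, including the two truncated ones, with no error logged. Running `python -m pyflakes` over the skill's source before installing it catches the undefined name without executing anything.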

Vague Triggers

Severity: Medium. Confidence: 78%.
Finding
The trigger phrase "查询行情" ("look up market quotes") is broad enough to match many ordinary finance-related requests, including ones outside the intended daily-report workflow. An over-broad trigger lets this skill fire when a lighter one (or none) was wanted, and each stray match costs the user the full heavy path: requests to several providers, scraping, and JSON and log files written to disk, none of which a user asking for a single quote clearly intended.
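One way to narrow the trigger without losing the quote phrase is to require an explicit report-intent marker before the heavy path runs, and to route bare quote requests to a path that may not write files. This is an added illustration, not the skill's trigger logic: the sample requests, the `REPORT_MARKERS`, the `ROUTES` side-effect budget and the `route_broad` / `route_scoped` functions are all assumptions made for the example.

```python
"""Broad trigger beside a scoped one, with the side effects each route may perform.
Constructed example; not the scanned skill's code."""

# Constructed user requests. Only the last one asks for the daily-report workflow;
# the other two merely contain the trigger phrase.
REQUESTS = {
    "quote": "帮我查询行情，贵州茅台现在多少钱",
    "chat": "查询行情之后你觉得今天哪个板块最强",
    "report": "请生成今天的市场日报：查询行情、抓取政策并写入报告",
}

BROAD_TRIGGER = "查询行情"

# Assumed markers that distinguish the heavy report workflow from a plain quote query.
REPORT_MARKERS = ("日报", "生成报告", "写入报告")

# Assumed side-effect budget per route. Only the report route may write local files,
# so a stray match on the quote phrase cannot leave artifacts on disk.
ROUTES = {
    "daily-report": {"network": True, "writes_files": True},
    "quote-lookup": {"network": True, "writes_files": False},
}
NO_EFFECTS = {"network": False, "writes_files": False}


def route_broad(text: str):
    """Weak configuration: the bare phrase alone selects the heavy collector."""
    return "daily-report" if BROAD_TRIGGER in text else None


def route_scoped(text: str):
    """Narrowed configuration: the phrase alone reaches only the read-only quote path;
    the report path additionally needs an explicit report-intent marker."""
    if BROAD_TRIGGER not in text:
        return None
    if any(marker in text for marker in REPORT_MARKERS):
        return "daily-report"
    return "quote-lookup"


def permitted_effects(route_fn, text: str) -> dict:
    """Side effects the chosen route is allowed to perform for this request."""
    return ROUTES.get(route_fn(text), NO_EFFECTS)


if __name__ == "__main__":
    for name, text in REQUESTS.items():
        print(f"{name:6s} broad={route_broad(text)!s:13s} scoped={route_scoped(text)}")
```

Under the broad configuration all three requests select the report collector; under the scoped one only the request that actually mentions a report does, and the other two are confined to a route that cannot write files. The same gate belongs in front of whatever the skill's real trigger list is, since the scanner's point is that the phrase by itself does not express the user's intent to run the heavy workflow.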

Missing User Warnings

Severity: Medium. Confidence: 91%.
Finding
The skill documentation does not prominently warn that execution sends requests to multiple third-party APIs and search providers and writes JSON output and log files to local disk. The risk is one of informed consent: a user or calling system that invokes what looks like a simple data-query skill may not realise it transmits data externally and leaves persistent local artifacts, and so cannot weigh those side effects before granting the skill credentials or running it on a sensitive host.

VirusTotal

65/65 vendors flagged this skill as clean. A clean antivirus verdict covers known-malware signatures and heuristics only; it says nothing about the logic, trigger and documentation findings above, which are behavioural rather than malware issues.