ClawHub

Fund Keeper

Security checks across malware telemetry and agentic risk

Overview

Fund Keeper is a disclosed finance helper that stores local portfolio records and fetches public market data, with privacy and data-integrity caveats users should understand.

Install only if you are comfortable storing portfolio amounts and transaction history in local funds files. Crop or redact screenshots before OCR, treat buy/sell suggestions as informational, and be aware that some market data is fetched over unencrypted HTTP and could be stale or tampered with.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly documents network access and instructs reading and writing user workspace files such as portfolio, config, history, and memory files, but the finding indicates these capabilities are not formally declared as permissions. That mismatch is dangerous because users and the platform may not get accurate consent and visibility into what the skill can access or modify, especially given the financial and personal portfolio data involved.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The OCR feature processes arbitrary user-supplied screenshots without warning that images may contain sensitive financial or personal information beyond fund codes. In a finance assistant, screenshots can easily include account balances, names, transaction history, or other PII, increasing privacy risk if users are not clearly informed before processing.

Missing User Warnings

Low
Confidence
86% confidence
Finding
This code performs an outbound request to an external market-data endpoint over plain HTTP, which exposes the response to interception and modification by an on-path attacker. In a financial-advice context, tampered market data could mislead recommendations or user decisions, making this more dangerous than a generic undisclosed network call.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal