Fund Ai Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent fund-analysis tool, but users should assume AI and notification features may send portfolio details to external services they configure.

Install only if you are comfortable with fund codes, holdings, costs, dates, notes, generated analysis, and macro context being sent to the LLM provider when AI features run. Use dedicated low-quota API keys, avoid untrusted webhook or push URLs, do not point FUND_SCENE_DIR at sensitive folders, back up positions.json, and pin/audit optional dependencies for production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README instructs users to configure LLM, search, webhook, Bark, and email credentials, but it does not clearly disclose that portfolio contents, fund identifiers, analysis prompts/results, or macro-monitoring outputs may be transmitted to third-party services when these features are enabled. In a finance-focused skill, that omission matters because users may expose sensitive investment preferences or holdings to external providers without informed consent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The code injects detailed portfolio position data and macro data into an LLM prompt and sends it through a networked model call via call_llm(), but this file shows no consent flow, minimization, redaction, or disclosure to the user. That creates a real privacy and data-governance risk because sensitive financial holdings, trading history, and notes may be exposed to third-party model providers or logs.

Unpinned Dependencies

Low
Category
Supply Chain
Content
# The following are optional dependencies; installing them enables the corresponding features:

# Chart generation (chart_generator.py / correlation.py / correlation_v2.py)
Pillow>=9.0.0
numpy>=1.21.0
matplotlib>=3.5.0
Confidence
93% confidence
Finding
Pillow>=9.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Chart generation (chart_generator.py / correlation.py / correlation_v2.py)
Pillow>=9.0.0
numpy>=1.21.0
matplotlib>=3.5.0

# How to install the optional dependencies:
Confidence
89% confidence
Finding
numpy>=1.21.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Chart generation (chart_generator.py / correlation.py / correlation_v2.py)
Pillow>=9.0.0
numpy>=1.21.0
matplotlib>=3.5.0

# How to install the optional dependencies:
#   pip install -r requirements.txt
Confidence
82% confidence
Finding
matplotlib>=3.5.0

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
97% confidence
Finding
Pillow

Known Vulnerable Dependency: numpy — 10 advisory(ies): CVE-2014-1859 (Numpy arbitrary file write via symlink attack); CVE-2021-41495 (NumPy NULL Pointer Dereference); CVE-2021-33430 (NumPy Buffer Overflow (Disputed)) +7 more

Critical
Category
Supply Chain
Confidence
90% confidence
Finding
numpy

VirusTotal

67/67 vendors flagged this skill as clean.