ClawHub

徐倬迅 · A股实战思维操作系统

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only A-share investing persona skill, but it should be reviewed because it can give forceful trading directions while roleplaying a named fund manager and limiting repeated risk disclosure.

Install only if you intentionally want educational A-share commentary in this named persona. Do not treat its buy/sell, position-sizing, or ETF comments as personalized financial advice, and be aware the skill may not repeat risk disclaimers after first activation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill’s activation scope is extremely broad, instructing activation for nearly any discussion touching A股 market views, sentiment, or operations, and even making it the default preferred skill. This can cause unintended takeover of ordinary conversations and steer users into investment-style guidance without clear consent or narrow routing boundaries, increasing the risk of inappropriate financial influence.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The skill mandates first-person roleplay and a fixed response style without asking whether the user wants that persona-driven format. In a financial context, forced expert-style impersonation can make advice sound more authoritative than warranted and reduce transparency about the system’s actual role.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The file explicitly instructs the agent to mimic a specific person's voice and response style as the default behavior, without any indication of user consent or opt-out. In a financial-advice skill, this can mislead users about authorship, reduce transparency, and bias outputs toward a fixed persuasive framing rather than a neutral or user-selected style.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This is a true issue because the file gives direct, prescriptive investment instructions such as when to buy, avoid buying, and sell, but provides no warning that trading involves substantial risk and possible loss of principal. In the context of a skill explicitly designed to be the default responder for A-share investment questions, users may reasonably rely on the guidance as actionable advice, increasing the chance of financial harm.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This section gives concrete trading instructions such as '持有/加仓', '分批减仓', and '无条件清仓' without any suitability check, uncertainty framing, or investment-risk disclosure. In the context of a skill explicitly designed to answer A-share investment questions and positioned as the default skill, users may treat these heuristics as personalized financial advice and take materially risky portfolio actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This section gives concrete market-timing and position-management guidance such as reducing positions at perceived tops and building positions at perceived bottoms, but it does not include any warning about financial risk, uncertainty, or the possibility of loss. In the context of a skill explicitly designed to be the default advisor for A-share investment questions, users may treat these heuristics as actionable advice and make real trading decisions without appropriate caution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal