goldskill

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent commodities market-analysis tool that makes expected outbound market-data and news requests, with no evidence of credential theft, destructive behavior, or hidden local access.

Install only if you are comfortable with the skill making outbound requests to market-data and news providers, including during its health check. Consider narrowing triggers if accidental activation matters in your environment, and use a virtual environment for the pip dependencies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger regex for commodities/futures is broad enough to activate on ordinary user discussions about commodities or futures, not just explicit requests for this skill. Over-broad activation can cause unintended invocation, increasing the chance of irrelevant responses, privacy leakage through unnecessary processing, or accidental tool use in contexts where the user did not intend it.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill performs outbound network requests to third-party financial data providers without any disclosure, consent, or configuration gate visible to the user. Even if no obvious secret is sent, invoking the skill leaks usage metadata such as IP address, timing, user agent, and the fact that the user requested commodity analysis to external services.

Missing User Warnings

Medium
Confidence: 96%
Finding
The RSS/news aggregation logic fans out to many third-party feeds and search endpoints, creating broad undisclosed external communications during normal execution. This increases privacy exposure, expands the attack surface to many remote content sources, and can surprise users in environments that expect offline or minimally connected skills.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrase "天然气" is a common everyday term rather than a narrowly scoped command, so it can activate the skill during ordinary conversation about gas, energy, or news. In an agent environment, unintended invocation can cause surprise behavior, unnecessary external requests, and analysis output the user did not explicitly intend to request.

Missing User Warnings

Medium
Confidence: 89%
Finding
The installation/use documentation states that the skill fetches real-time market data and news sentiment from third-party services, but it does not warn users that external requests will occur. This creates a transparency and privacy risk because user prompts and derived queries may be sent to outside providers without the user's informed consent, especially in environments where external network access is sensitive.

VirusTotal

66/66 vendors flagged this skill as clean.
