Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Jimbo the Investor
v1.0.0Assist with financial analysis, value investing using RSI signals, and cost-effective decision-making for budgeting and investments.
⭐ 0· 37·0 current·0 all-time
byJoshua Simon@tycooncoder
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes a simple financial assistant using RSI signals and cost-aware recommendations and requests no credentials or binaries — that is coherent. HOWEVER the packaged file manifest contains many agent/workspace files (AGENTS.md, SOUL.md, memory logs) that go far beyond a small finance skill, suggesting extra agent behavior baked into the bundle that is not needed for a financial advisor.
Instruction Scope
The runtime SKILL.md instructions are limited and appropriate for the stated purpose (install via 'clawhub install jimbo' and answer finance questions). But included AGENTS.md and memory transcripts instruct the agent to read local memory files, act proactively, and follow 'don't ask permission' rules. Those directives expand the agent's runtime scope in ways unrelated to finance.
Install Mechanism
There is no install spec or code to fetch — this is instruction-only. The only install hint in SKILL.md is a single 'clawhub install jimbo' command which is plausible for the platform; nothing is downloaded from an external arbitrary URL in the skill package.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. That is proportionate to a finance helper. The workspace files do reference local memory files, which is allowed for agent state, but those are not declared as required env/creds.
Persistence & Privilege
always:false and no install spec reduce immediate risk, but the included AGENTS.md and memory logs explicitly encourage continuous/autonomous behavior (e.g., read memory files every session, be proactive) and the transcript shows a user instructing creation of a persistent 'autonomy_core' skill that enforces continuous execution. Bundling those agentic instructions with a benign-sounding skill increases the risk that installation or manual use could be followed by creation/activation of persistent/autonomous capabilities — a privilege escalation vector not justified by the financial purpose.
What to consider before installing
The skill's visible SKILL.md is benign and needs no credentials, but the rest of the shipped files include agent-oriented policies and conversation logs that push for continuous, autonomous behavior. Before installing: 1) Verify the source and publisher (unknown owner ID here). 2) Inspect AGENTS.md, SOUL.md, and any memory/session files for instructions that make the agent run tasks autonomously or read local secrets. 3) Ensure 'clawhub install jimbo' does not automatically enable or create persistent skills (autonomy_core-like). 4) If you want to test, run it in a restricted environment (no network or limited sandbox) and monitor agent actions/logs for file writes, spawned background tasks, or unexpected outbound requests. 5) If you don't trust the bundle, ask the publisher for a minimal SKILL.md that contains only the finance logic and nothing that instructs broader agent behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk975g58gjxpeq72qn4wradx8gh84ha5m
License
MIT-0
Free to use, modify, and redistribute. No attribution required.