Portfolio Tracker

Security checks across malware telemetry and agentic risk

Overview

This portfolio tracker appears legitimate, but it needs review because broad trigger wording could cause it to read exact holdings, contact Yahoo Finance, and edit a local tracker file when the user did not clearly request an update.

Install only if you are comfortable with the skill reading the included holdings file, using Yahoo Finance in a browser session, and editing portfolio-tracker.md. Prefer invoking it with explicit commands like "update my portfolio tracker," and review generated files or logs before sharing them because they may reveal portfolio composition.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 91% confidence

Finding
The manifest description contains broad trigger phrases such as references to stocks, portfolio, investments, or market updates, which can cause the skill to activate in contexts broader than the user intended. Because this skill performs browser automation and edits a local portfolio file, unintended invocation can lead to unnecessary third-party requests and silent modification of sensitive local data.

Missing User Warnings

Medium, 94% confidence

Finding
The description does not clearly tell users that running the skill updates a local file with fetched market data and generated analysis. This creates a transparency and integrity risk because users may invoke the skill expecting read-only analysis while it actually changes portfolio-tracker.md, potentially overwriting prior notes or introducing unwanted state changes.

Missing User Warnings

Medium, 93% confidence

Finding
The workflow instructs browser automation against Yahoo Finance without clearly warning that portfolio ticker activity is sent to a third-party service. Even if only tickers are queried, the sequence of requests can reveal portfolio composition or investment interests, making this more sensitive because the skill reads exact holdings from a local reference file and automates repeated lookups.

VirusTotal

66/66 vendors flagged this skill as clean.