ClawHub

Stock Pulse

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed stock-analysis skill that uses market data, an external LLM, and optional webhook settings, with financial-risk and privacy caveats but no evidence of malicious behavior.

Install only if you are comfortable sending selected stock symbols, prompts, and generated analysis to the configured LLM provider, and only set webhook URLs for chat spaces where sharing that analysis is acceptable. Treat all buy/sell signals, price targets, and forecasts as informational output, not reliable investment advice, and prefer an isolated Python environment with reviewed dependency versions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (8)

Tainted flow: 'url' from os.getenv (line 556, credential/environment) → requests.post (network output)

Critical
Category
Data Flow
Content
if not url:
        print("⚠️  未设置 FEISHU_WEBHOOK_URL"); return
    import requests
    requests.post(url, json={"msg_type": "text", "content": {"text": content}})
    print("✅ 已推送到飞书")
Confidence
95% confidence
Finding
requests.post(url, json={"msg_type": "text", "content": {"text": content}})

Description-Behavior Mismatch

Medium
Confidence
85% confidence
Finding
The skill description presents stock analysis functionality, but the code also contains an outbound Feishu push path that is not disclosed in the advertised behavior. Hidden or under-documented data egress increases security risk because operators and users may not realize analysis results can be transmitted to third-party services.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The trigger description is broad enough to match common conversations about stocks, trends, predictions, or recommendations, which can cause accidental invocation. In this skill, unintended activation is more dangerous because activation may lead to external API use, generation of financial advice, and optional outbound message delivery without the user clearly intending those actions.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill presents concrete buy/sell/hold signals, exact price levels, stop-losses, and forecasts without any visible investment-risk disclaimer or limitation notice. In a financial-advice context, this can mislead users into treating probabilistic model output as reliable advice, increasing the chance of financial harm and regulatory/compliance issues.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill documents Feishu/WeChat webhook configuration for pushing output but does not warn users that their analysis results or prompts may be sent to external messaging platforms. This omission reduces informed consent and may expose trading interests, portfolio context, or other sensitive data to third parties or misconfigured webhooks.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill sends stock-related data and prompts to an external LLM service using runtime-configured credentials and endpoint settings, but there is no explicit disclosure or consent mechanism for that transmission. In contexts where inputs, outputs, or trading ideas are sensitive, silent third-party transmission creates privacy, compliance, and governance risks.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The Feishu push function transmits analysis content to an external webhook without any prior disclosure, confirmation, or destination validation. That creates a data leakage risk, especially because analysis output could contain user-requested content, internal commentary, or future extensions with more sensitive data.

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
91% confidence
Finding
requests

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal