ClawHub

Harena

Security checks across malware telemetry and agentic risk

Overview

Harena is a disclosed financial-market MCP skill that uses a Harena API key for market data, alerts, watchlists, and profile personalization, with no local executable code or hidden install behavior.

Install only if you trust Harena and are comfortable sending market interests, watchlists, topic subscriptions, profile preferences, and API-key-authenticated requests to Harena’s MCP service. Confirm intent before registration or profile/watchlist changes, and treat any returned API key as a sensitive secret.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes broad phrases such as 'alerts', 'market briefing', and generic analysis terms that can match many normal user requests, increasing the chance this skill is invoked unintentionally. In a finance-focused skill, unintended activation is more sensitive because it may lead to external data access, registration prompting, or transmission of portfolio/preferences data to a third-party service without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The registration flow instructs the agent to collect questionnaire answers and submit them to the service, which returns a new API key, but the skill text does not prominently warn that profile data will be transmitted off-platform or that registration creates and returns credentials. This is risky because users may disclose investment preferences and other profiling information without informed consent, and newly issued API keys may be exposed in chat history, logs, or downstream tool traces.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal