ClawHub

Stock Valuation

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed stock valuation report generator that uses public market data and local report files, with finance-advice risk users should treat cautiously.

Install only if you want an opinionated stock-analysis report generator. Treat its Buy/Sell labels, price targets, technical signals, and options sentiment as informational analysis rather than financial advice, and avoid providing portfolio details or personal financial information. Be aware it creates local files in /tmp and uses unpinned third-party Python dependencies and public web/market data sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill clearly instructs the agent to execute shell commands, read generated artifacts, and write multiple files, yet it declares no permissions or user-visible capability boundaries. This is dangerous because it hides the real execution surface from reviewers and users, making it easier for a seemingly simple research/report skill to perform local actions they did not explicitly authorize.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The script goes beyond neutral report formatting and deterministically generates explicit investment recommendations such as 'Strong Buy', 'Buy', 'Sell', plus scenario-based price targets. In an agent skill intended to assemble valuation reports from mixed public and research inputs, this creates unauthorized financial-advice behavior that can drive user action without suitability checks, disclosures, or human review.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
This section generates technical-trading interpretations such as oversold/overbought, bullish/bearish crossovers, and 'contrarian entry point' language tied to upcoming earnings. That materially expands the skill from valuation reporting into market-timing guidance, increasing the chance that users rely on speculative signals that are outside the stated purpose and may be unsupported or misleading.

Context-Inappropriate Capability

Medium
Confidence
87% confidence
Finding
The options section infers directional market positioning from put/call ratios, IV skew, and earnings timing, then summarizes these as an 'Options Read.' In a stock-valuation skill, this introduces short-term trading and sentiment guidance that can influence speculative decisions and is more dangerous because the skill metadata explicitly says it is not for real-time trading signals.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The skill directs the agent to save intermediate research, HTML, and PDF outputs into /tmp without warning the user that local files will be created. While /tmp use is common, it can expose sensitive research artifacts or generated reports to other local processes or later sessions on misconfigured systems, and it reduces transparency about data persistence.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal