ClawHub

111

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its A-share market report purpose, but it needs review because it reserves sensitive credentials and claims automatic report pushing without clear destination or controls.

Review before installing. Use it only as informational financial analysis, avoid relying on its stated win rates, and do not fill optional email, webhook, JoinQuant, or iFinD credentials unless the publisher documents exactly how they are used. Confirm whether any cron job or automatic push is installed and how to disable it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrase "分析市场" is broad enough to appear in ordinary finance-related conversation, which can cause unintended skill activation. In an agent environment, accidental activation may prompt the skill to generate reports, fetch market data, or initiate downstream automated behaviors without clear user intent.

Vague Triggers

High
Confidence
98% confidence
Finding
Using "Marcus" alone as an activation term is highly ambiguous because it is a common name and may occur in unrelated conversation. This raises the risk of frequent unintended activation, especially in multi-agent or chat contexts, potentially causing unauthorized analysis, data pulls, or automated report generation.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill states that a cron job automatically generates and pushes reports, but it does not disclose where the data is sent, what content is transmitted, or what permissions are involved. Lack of transparency around outbound transmission creates a security and privacy risk because users cannot assess whether market data, configurations, tokens, or generated reports are being sent to external systems.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal