ClawHub

Stock Price Checker Pro

Security checks across malware telemetry and agentic risk

Overview

This stock checker runs a local Python script to fetch Yahoo Finance market data, and its sensitive behaviors are disclosed and proportionate to that purpose.

Install only if you are comfortable with a skill running local Python code, installing yfinance through uv, and contacting Yahoo Finance. For tighter supply-chain control, review or pin the yfinance dependency before first use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
80% confidence
Finding
The skill instructs execution of local code and indicates capability to access environment data, but it declares no corresponding permissions or user-facing warning. This reduces transparency and can let the script read sensitive configuration or tokens from the runtime environment without the reviewer or user understanding that risk.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The skill is presented as a simple local stock-price checker, but its documented behavior expands to network-backed data retrieval, news collection, historical analysis, and corporate event fetching via Yahoo Finance. This mismatch is dangerous because users and agent policy may approve a narrow action while the skill performs broader external data access and processing than advertised.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill description says it fetches current stock prices, but this function also retrieves and returns news, historical price ranges, market-cap/volume data, and corporate events. That scope expansion is a real security and trust issue because agents or users may invoke the skill expecting a narrow price lookup while it performs broader third-party data collection and output generation than advertised.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
Company-news retrieval is outside the stated purpose of a stock-price checker and introduces additional unneeded external content into the skill output. Pulling and presenting third-party news increases attack surface for prompt injection, misleading content, or privacy/compliance issues, especially in an agent context where untrusted text may later influence downstream behavior.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill directs the agent to execute a local Python script with `uv run`, which may auto-install dependencies and initiate network access, without clearly warning about code execution or package retrieval. This creates supply-chain and runtime risk because dependency resolution and script execution occur implicitly from a user request that appears to be a simple data lookup.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal