ClawHub

新股申购助手

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed IPO lookup and analysis helper; its network access, local caching, optional Tushare token use, and reminder support fit that purpose, with some configuration and data-integrity cautions.

Install only if you are comfortable with it contacting public financial-data services, writing local cache/config files, and optionally using a Tushare token from the environment or data/tushare_token.txt. Treat outputs as informational rather than financial advice, verify IPO data against official exchange announcements, and prefer HTTPS data sources if you modify the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises executable capabilities that imply network access, local file reads/writes, and possible environment-variable access, but it does not declare permissions for them. This creates a trust and sandboxing problem: operators and users cannot accurately assess what the skill may access, and a runtime may grant broader behavior than expected.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented purpose understates the actual behavior: the skill appears to access third-party services, read tokens from environment variables or files, write cache/reminder data, and generate scheduled reminder behavior. Undisclosed external access and secret handling increase the risk of unintended data exposure, persistence, and operator misconfiguration, especially when users expect only a simple IPO information assistant.

External Transmission

Medium
Category
Data Exfiltration
Content
## 一、新股发行数据

### 东方财富网
**URL**: http://data.eastmoney.com/xg/xg/default.html

**数据内容**:
- 新股申购列表
Confidence
90% confidence
Finding
http://data.eastmoney.com/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal