Alpha Hound
Security checks across malware telemetry and agentic risk
Overview
This instruction-only stock screening skill is coherent and purpose-aligned, with minor transparency notes about web/API use and local read permission.
This appears safe to install as an instruction-only stock research helper. Be aware that stock criteria may be searched on external services, and verify any financial outputs independently before making investment decisions.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could use web tools for research and may have local read capability available, so users should avoid giving it unrelated private files unless needed.
The skill exposes local file reading plus web search/fetch tools. Web tools fit the stock research purpose; local Read is not specifically scoped in the instructions, though there is no evidence of broad file collection or misuse.
allowed-tools:\n - Read\n - WebSearch\n - WebFetch
Use the skill for explicit stock-screening tasks only, and review any request that involves reading local files.
The skill may rely on ambient web tools or unavailable API credentials, which could affect reliability or make data-source handling unclear.
The workflow references external API services, but the registry metadata declares no required environment variables, credentials, or install setup. This looks like incomplete integration metadata rather than malicious behavior.
FinnHub API 筛选... SERPER_API 搜索... JINA_API 抽取
Before relying on results, confirm which data providers are actually used and whether any API keys or account credentials are required.