Binance Event Contract Skill System

Security checks across malware telemetry and agentic risk

Overview

This skill is not overtly malicious, but it needs review because it runs continuously, produces financial trading signals, logs performance, and sends alerts/reports to Feishu without enough user controls.

Install only if you intentionally want a continuously running crypto trading-analysis workflow. Before using it, confirm how to disable the minute-by-minute polling, where caches and execution logs are stored, what exactly is sent to Feishu, and treat all signal win-rate and position-size outputs as unverified financial analysis rather than trading guarantees.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 92%

Finding: The skill explicitly describes automatic minute-by-minute, 24/7 external API access but does not present a clear user-facing warning, consent step, or operational disclosure. This can lead to unexpected continuous network activity, increased rate-limit or cost exposure, and deployment into environments where persistent outbound connectivity is not acceptable.

Missing User Warnings

Severity: Medium
Confidence: 92%

Finding: The skill explicitly defines automatic Feishu pushes for loss alerts and scheduled reports derived from execution logs, but it does not disclose what execution-log content is transmitted, whether sensitive identifiers are included, or require user acknowledgement/controls for external sharing. This creates a real data-exposure risk because operational trading performance data may be sent to a third-party messaging platform without adequate transparency, minimization, or consent.

VirusTotal

64/64 vendors flagged this skill as clean.