ClawHub

Social Sentiment Trader

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it asks users to send payment credentials over plain HTTP and gives concrete trading instructions that could affect real money.

Review carefully before installing. Do not send real payment credentials over the listed HTTP endpoint, and treat all trading outputs as informational only rather than financial advice or an instruction to buy, sell, or size positions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly directs clients to send requests and payment credentials to an external host over plain HTTP, but does not warn users that their prompts, metadata, and payment artifacts will leave the local environment. This creates a real risk of credential exposure, interception, and unintended third-party data sharing, especially because the payment flow normalizes transmission of sensitive headers to an IP-based endpoint.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The manifest description is broad enough that an orchestrator could invoke this skill in loosely related financial, macro, or social-analysis contexts, increasing the chance of overreach. In a trading-oriented skill that also contains portfolio actions and signal generation, ambiguous routing can expose users to unrequested investment guidance and amplify downstream harm from mistaken or context-inappropriate use.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The file presents concrete trading actions such as buy/sell strength, suggested position sizing, stop-losses, take-profit levels, and exit guidance without an explicit financial-risk warning or limitation statement near the recommendations. In this context, the skill is not merely descriptive; it operationalizes trading behavior, which can cause users to treat outputs as actionable financial advice and incur significant losses, especially in volatile crypto and meme-asset markets.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal