Trade Audit

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed trading-audit helper that sends prepared decision details to Apus and keeps a local audit log, but it does not access wallets or execute transactions itself.

Install only if you are comfortable sending prepared trading or transfer decision context to Apus and keeping local audit records under ~/.trade-audit/. Do not include seed phrases, private keys, wallet credentials, API keys, unnecessary account identifiers, or sensitive strategy notes in the prepared bundle, and do not treat an APPROVE result as permission to execute a real transaction without your own confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill advertises significant capabilities—reading prepared files, writing persistent audit logs, and making outbound network calls—without declaring permissions. This undermines informed consent and policy enforcement because users and hosts cannot accurately assess what the skill will access or transmit before invocation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill says it sends agent-prepared decision material to the Apus inference API, but the description does not clearly warn users that their prepared trading context may leave the local environment. Because the material may include addresses, transfer intents, positions, and other sensitive financial context, omission of an upfront transmission warning creates a real privacy and data-handling risk.

Missing User Warnings

Low
Confidence
93% confidence
Finding
The skill persistently logs every run to ~/.trade-audit/audit.jsonl, including decision goals and identifiers, but the description does not surface this behavior as a privacy warning. Persistent local logs can expose sensitive financial intentions or operational history to other local users, backup systems, or later compromise of the host.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends the full decision bundle, including agent-prepared trading or transfer material, to a remote Apus inference endpoint without an explicit consent step or prominent disclosure at the point of transmission. In a mandatory audit gate for financial actions, this can expose sensitive strategy, wallet, address, or transfer metadata off-host and is more dangerous because all qualifying transactions must pass through this path.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The script persists decision artifacts and audit metadata to disk under the user's home directory without clear disclosure, which can leave behind sensitive records of trading intent, targets, confidence, and transfer context. In this skill's trading-audit context, those logs may reveal financial behavior or operational details to other local users, backup systems, or later compromise of the host.

VirusTotal

66/66 vendors flagged this skill as clean.
