CAI: trade-xyz-with-cai

Security checks across malware telemetry and agentic risk

Overview

This is a coherent trading skill, but it should be reviewed because it can guide live account-affecting trades using wallet/API credentials without clear risk or confirmation guardrails.

Install only if you intend to let an agent help with live CAI/Hyperliquid trading. Use the least-privileged API scope available, confirm every order or cancellation yourself, and treat defi_trade actions as real transactions that can create losses, fees, liquidation risk, or unintended exposure.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill gives concrete instructions for placing and canceling live trades through custodial trading tools without an explicit warning that these actions can move funds, open leveraged positions, or create real financial loss. In an agent setting, omission of account-impact and risk disclosures increases the chance that a user or downstream agent treats the flow as routine status-checking rather than a high-consequence action.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal