Pacifica

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Pacifica crypto trading skill, but it grants an agent broad access to trade, change leverage, transfer funds, and withdraw USDC with triggers and safeguards that are too loose for real financial actions.

Review carefully before installing. Use only with a trusted Pacifica MCP or CLI package, prefer testnet or a low-balance dedicated wallet, protect the generated wallet file, and require explicit confirmation for every trade, leverage or margin change, batch order, transfer, withdrawal, and cancel-all action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger text is broad enough to match many ordinary crypto-related questions, which can cause the skill to activate when the user only wants informational help rather than account access or trading actions. In a trading skill with order-placement and withdrawal capabilities, unnecessary invocation increases the chance of unintended tool use, privacy exposure, or action-oriented prompting in the wrong context.

Vague Triggers

Low
Confidence: 86%
Finding
Activating on simple mentions of assets like BTC, ETH, or SOL is ambiguous because those symbols appear in many benign discussions unrelated to Pacifica trading. In this skill, that ambiguity matters because the toolset includes sensitive trading and account operations, so over-triggering can steer conversations toward unnecessary financial actions or expose account context.

VirusTotal

64/64 vendors flagged this skill as clean.
