Portfolio Trader
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill can connect to brokerage accounts and place real buy/sell orders, but it does not clearly limit or confirm those high-impact trading actions.
Install only if you want SnapTrade brokerage access and understand the trading features. For reporting, use read-only connections, protect the local SnapTrade secrets file, avoid enabling trade permissions, and do not allow any buy/sell order unless you have reviewed and confirmed the exact account, ticker, quantity, order type, and price.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with incorrect or misunderstood arguments, the agent could place real market or limit trades and cause financial loss.
This directly places brokerage buy/sell orders. The artifacts do not show an order-impact preview, checked trade flow, or explicit confirmation before sending the order.
resp = client.trading.place_force_order(... action=args.action.upper(), order_type=normalize_order_type(args.order_type), ... symbol=args.symbol, units=args.units ...)
Require explicit per-order user confirmation, show a preview/order impact, prefer SnapTrade's checked trade flow, and remove or disable trading if the user only wants portfolio reports.
A linked brokerage account may grant the skill trading authority, not just portfolio-read authority.
The reconnect flow requests a trade-capable brokerage connection, expanding delegated account privileges beyond read-only reporting unless the user explicitly intends trading.
connection_type="trade"
Default to read-only connections for reporting, clearly label any trade-permission flow, and require a separate opt-in before requesting trade access.
The skill could continue running daily and sending portfolio totals until the scheduled job is removed.
This describes a persistent scheduled job. It is aligned with automated daily reports, but it creates ongoing activity after setup.
Use cron to call `snaptrade_total.py`, format a concise WhatsApp message, then send it to the user.
Only enable scheduling after explicit user approval, document the exact cron entry, and provide a clear removal command.
Portfolio value could be exposed through the user's messaging provider or to anyone with access to that chat.
The workflow sends sensitive financial summary data through an external messaging channel. It is disclosed and limited to total value, but the artifacts do not define the WhatsApp sender, retention, or transport controls.
format a concise WhatsApp message, then send it to the user. Only the total value is required.
Confirm the destination, keep the message minimal, and let the user choose whether financial totals should be sent over WhatsApp.
