SnapTrade
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly supports SnapTrade portfolio reporting, but it also asks for trading access and can place real buy/sell orders without clear safeguards, which exceeds the read/reporting description.
Install only if you intentionally want a SnapTrade skill that can do more than read balances. If you only need portfolio reports, remove or avoid the order and trade-reconnect scripts, use read-only SnapTrade connections, and do not schedule WhatsApp/cron reporting unless you explicitly want recurring financial updates sent that way.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could install the skill expecting portfolio summaries while also granting or enabling real trading capability.
The skill is framed as portfolio reporting and brokerage connectivity, but the same artifact includes trading instructions. Users may reasonably expect a read/reporting integration, not account-mutation authority.
description: Connect to a user's investment accounts via SnapTrade SDK and generate portfolio reports ...
### 2d) Place buy/sell orders (stocks/ETFs)
Either remove trading features from this skill or clearly rename/re-describe it as a trading-capable skill with prominent warnings.
A mistaken or overly autonomous invocation could buy or sell securities in the user's brokerage account.
The script directly submits buy/sell orders using CLI arguments, defaults to market orders, and does not implement an extra confirmation, preview, dry-run, or risk limit before placing the order.
p.add_argument("--order-type", default="market" ...); resp = client.trading.place_force_order(... action=args.action.upper(), ... symbol=args.symbol, units=args.units, ...)
Require explicit per-order user confirmation, show a pre-trade preview, default to dry-run/read-only behavior, and add clear limits before any real order is submitted.
The user may grant trading permissions when they only intended to reconnect accounts for balance reporting.
The reconnect flow requests trade-level delegated access, which is broader than the read-only access needed for portfolio reporting and enables high-impact account actions.
client.authentication.login_snap_trade_user(... reconnect=target["id"], connection_type="trade", ...)
Use read-only connection types by default and require a separate, explicit opt-in flow for trade permissions.
Portfolio value information could be sent to the wrong destination or through an integration the user did not intend to use.
The workflow may send financial portfolio totals through an external messaging channel, but the artifact does not specify recipient verification or the WhatsApp integration boundary.
Use cron to call snaptrade_total.py, format a concise WhatsApp message, then send it to the user. Only the total value is required.
Only enable WhatsApp reporting after explicit user approval, verify the recipient, and document what financial data is sent.
The skill could keep accessing portfolio data daily after the initial setup if the user forgets about the scheduled job.
A cron job creates recurring background execution. This matches automated daily reports, but it should be explicitly user-controlled and reversible.
### 4) Schedule daily report
Use cron to call snaptrade_total.py
Document the exact cron entry, require opt-in before creating it, and provide clear disable/removal instructions.
Users have less context for trusting the origin or maintenance of a financial-account integration.
The skill's provenance is not documented in metadata. The included dependency is pinned and the source is visible, so this is a provenance note rather than a standalone concern.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Verify the publisher and source before installing, and prefer a skill with a documented repository and review history.
