Autonomous Trading System

Security checks across malware telemetry and agentic risk

Overview

This skill describes an unattended crypto trading bot that may use Binance credentials to place live trades, but its safeguards and reviewable implementation are not sufficient for that level of financial authority.

Review carefully before installing. Do not connect this to a real exchange account as-is; require the missing source code and dependencies, start with paper trading or Binance testnet, and only use dedicated trade-only API keys with withdrawals disabled, IP restrictions, strict limits, alerts, and an emergency stop.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

High
Confidence: 94%
Finding:
The document repeatedly presents a 'fully automated', 'zero intervention' trading system that can make and execute decisions on user assets, but it does not include any explicit user-facing warning about financial loss, irreversible order execution, or the need for informed consent. In the context of an agent skill, this omission is dangerous because it normalizes autonomous high-risk financial behavior and could cause users to enable trading without understanding the consequences.

Missing User Warnings

High
Confidence: 97%
Finding:
The architecture explicitly advertises autonomous decision-making with no per-trade human confirmation, which materially increases risk because the system can act immediately on flawed signals, bad data, API failures, or unsafe self-adjustments. In a trading skill, removing human approval without a corresponding warning, consent model, or default safety gate makes unintended loss of funds much more likely.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The order management section documents use of market orders, stop-market orders, and automatic closing logic, but does not warn that these can execute at unfavorable prices, trigger during volatility, and create irreversible losses through slippage or gap risk. Because this is an autonomous execution system, the absence of such warnings reduces operator awareness of a core operational hazard.

VirusTotal

63/63 vendors flagged this skill as clean.
