Autonomous Trading System

Security checks across malware telemetry and agentic risk

Overview

This autonomous crypto-trading skill asks for Binance credentials and promotes unattended trading without enough live-trading safeguards or credential guidance.

Review carefully before installing. Use only paper trading or a testnet until you verify the implementation and controls, create trading-only Binance API keys with withdrawals disabled, set strict position and loss limits, and do not allow unattended live trading unless you can monitor and stop it quickly.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence (Medium, 95% confidence)

Finding: The README markets the system as '稳定盈利' (stable profitability) while later disclaiming that it does not guarantee returns. In a trading automation context, this contradiction can mislead users into overtrusting a high-risk financial system, increasing the chance of financial harm from deceptive or irresponsible claims.

Missing User Warnings (High, 97% confidence)

Finding: The document's stated goal is a fully autonomous, unattended trading system that can place real trades and manage positions without human review, but it provides no user-facing warning about financial loss, exchange-account impact, or the irreversible nature of executed orders. In a trading skill, omission of explicit risk disclosure and operator approval boundaries is dangerous because users may deploy it against live accounts assuming the architecture is safe for unattended use.

Missing User Warnings (High, 98% confidence)

Finding: The architecture explicitly emphasizes '自主决策' (autonomous decision-making) and '不需要人工确认每笔交易' (no human confirmation required for each trade), removing per-trade human confirmation while presenting the system as stable and unattended. In the context of a trading agent, that materially increases the chance of unauthorized or poorly understood live-account actions, especially when coupled with claims of self-evolution and zero intervention.

Missing User Warnings (High, 99% confidence)

Finding: This section gives concrete logic for calculating position size, selecting order types, splitting orders, placing trades, and monitoring fills, all without any adjacent warning that these actions can directly affect brokerage or exchange accounts and cause immediate losses. Because the skill is specifically designed for autonomous order execution, the lack of guardrails and disclosures makes the content more dangerous than a generic educational trading discussion.

Missing User Warnings (Medium, 87% confidence)

Finding: The memory integration stores trade records, lessons, strategy context, and searchable historical performance without any disclosure about what data is retained, how long it is kept, who can access it, or whether it may contain sensitive account or behavioral information. In a financial system, such retained trading history can expose portfolio behavior, strategy details, and potentially account-linked data if the memory service is misconfigured or shared.

Missing User Warnings (Medium, 90% confidence)

Finding: The manifest explicitly declares BINANCE_API_KEY and BINANCE_API_SECRET as required environment variables, which signals the skill will handle highly sensitive trading credentials. In the context of an autonomous crypto trading system, the absence of any warning about storage, scope, withdrawal permissions, or privacy handling increases the risk that users will provide overly privileged keys and expose funds to unauthorized trading or account compromise.

VirusTotal

64/64 vendors flagged this skill as clean.