ClawHub

QMT

Security checks across malware telemetry and agentic risk

Overview

This QMT trading skill is mostly documentation, but it teaches live trading and money-transfer actions with weak safety and credential-handling guidance.

Install only if you intentionally want an agent to assist with QMT brokerage workflows. Keep it in Review because connected examples can submit trades or move funds; require explicit per-action user approval, prefer paper/backtest modes, restrict accessible accounts, and never hardcode or log bank passwords or real account identifiers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The documented capability set exceeds the stated skill description by including bank/broker fund transfers and bank balance queries, which are materially more sensitive than ordinary trading-terminal functions. This can mislead users, reviewers, or policy gates into granting a higher-trust integration than intended, increasing the chance of unauthorized money movement or exposure of financial account data.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document includes concrete buy/sell order examples that appear directly usable in a live trading environment, but it does not warn readers that these APIs may execute real-money trades if run against a funded account. In a trading skill, omission of safety context materially increases the chance of accidental financial loss from copy-pasted example code or misuse by inexperienced users.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README includes a concrete live-trading example that places an order via `order_shares()` but does not clearly warn that the snippet can execute real-money trades in a broker-connected environment. In a trading skill, this omission materially increases the chance that a user copies the example into production or a live QMT session and triggers unintended market orders.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly documents live order placement functions such as buying, selling, target-value orders, and cancellation, but does not place an immediate, prominent warning near those examples that execution may affect a real brokerage account. In the context of a trading skill tied to broker-enabled QMT, an agent or user could copy or invoke these snippets against a live account, causing unintended financial loss through accidental trades rather than traditional code execution abuse.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The document presents live trading, cancellation, and fund-transfer operations as routine API calls without explicit warnings, confirmation expectations, or discussion of irreversible financial consequences. In a high-impact financial context, this increases the risk that an agent or developer will integrate or invoke dangerous operations without appropriate safeguards.

Missing User Warnings

High
Confidence
97% confidence
Finding
The examples normalize entering bank account numbers and plaintext bank/fund passwords directly into code and logs, which encourages insecure credential handling in a financial environment. If copied into production or repositories, this can expose credentials, enable unauthorized transfers, and compromise real brokerage/bank accounts.

Unpinned Dependencies

Low
Category
Supply Chain
Content
xtquant>=1.0.0
numpy>=1.20.0
Confidence
94% confidence
Finding
xtquant>=1.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
xtquant>=1.0.0
numpy>=1.20.0
Confidence
97% confidence
Finding
numpy>=1.20.0

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal