Security audit

OpenClaw Backtester

Security checks across malware telemetry and agentic risk

Overview

This is a local trading backtest helper with some overstated documentation, but no evidence of hidden data theft, persistence, or destructive behavior.

Install only if you want a local A-share SQLite backtesting script. Treat the advertised advanced features as unconfirmed, verify the package identity if provenance matters, and install Python dependencies from trusted sources before running it.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 94% confidence
Finding: The skill documentation appears to overstate and misrepresent the actual behavior and scope of the tool, including hidden reliance on a specific local SQLite path and unsupported claims about strategy coverage and output metrics. This is dangerous because users may trust the skill inappropriately, expose sensitive local data paths, or make financial decisions based on assumed capabilities that are not actually implemented.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal