Mi Analista

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for PredictMe trading, but needs Review because it can autonomously register, store an API key, and place rapid prediction-market bets while package identity and approval controls are under-scoped.

Install only after verifying that this Mi Analista package is intentionally the PredictMe skill. Use an email and optional wallet address you are comfortable sharing with PredictMe, set requireApproval=true before any trading, keep small stop-loss and bet limits, and protect or delete the local credentials file when you stop using it. Treat TEST/BONUS betting and any suggested move to real USDC as gambling-like financial risk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Intent-Code Divergence

Medium, 95% confidence
Finding
The skill states that when `requireApproval` is true the agent should wait for owner confirmation before each bet, but the provided trading loop never enforces that control and will place trades automatically. In a financial trading context, this can bypass user consent and lead to unauthorized or unexpected wagers, especially if an agent operator assumes the documented approval safeguard is actually implemented.

Vague Triggers

Medium, 88% confidence
Finding
The manifest describes a broadly capable autonomous trading API but does not clearly constrain when the skill should be invoked versus when a user merely asks for information about prediction markets. That ambiguity can cause an agent framework to activate the skill in contexts where the user did not intend live registration, polling, or bet placement, increasing the risk of unwanted external actions.

Missing User Warnings

Medium, 93% confidence
Finding
The manifest encourages registration and trading against external endpoints but does not prominently warn that email, optional wallet address, agent identity, API key usage, and betting activity will be transmitted to third-party services. In an agent setting, this omission can lead users to unknowingly disclose personal or sensitive data and authorize external actions without informed consent.

Vague Triggers

Low, 88% confidence
Finding
The skill provides actionable trading steps and polling/betting guidance but does not define when the skill should activate, what user authorization is required, or what conditions should block execution. In an agent setting, this can cause unintended autonomous trading behavior or activation from loosely related prompts, which is especially risky for time-sensitive betting APIs.

Missing User Warnings

Medium, 92% confidence
Finding
The file describes a betting/trading workflow against an external service, including registration, polling odds, and placing bets, but omits any warning about financial/gambling risk, external network access, or credential handling. Even though the balances described are TEST/BONUS, the behavior normalizes autonomous wagering and API use without informing users of risk, approval, or environment constraints.

Missing User Warnings

Medium, 79% confidence
Finding
The skill instructs automatic storage of the API key and agent ID in a local JSON file, but provides only minimal guidance and no concrete protections such as file permissions, OS keychain use, encryption at rest, or secure secret handling. If the host is multi-user, compromised, synced, or logs/workspaces are exposed, these credentials could be stolen and used to impersonate the agent for account actions.

Missing User Warnings

Medium, 76% confidence
Finding
The skill promotes autonomous short-interval crypto betting/trading and normalizes agent-driven financial actions without a prominent upfront warning about financial risk, automation, and the need for explicit owner consent. In practice this increases the chance that users or integrating agents enable unattended trading without understanding loss potential or reviewing safeguards.

VirusTotal

65/65 vendors flagged this skill as clean.
