Back to skill

Security audit

Simul8or Trader

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate simulator-trading skill, but it sets up persistent autonomous account actions with limited user control and cleanup guidance.

Install only if you intentionally want an autonomous simulator bot that can run every 5 minutes, persist across restarts, store local state in your home directory, and place trades on your Simul8or account. Use a dedicated simulator-only API key, verify the npm package source before installing, decide your own trade limits, and make sure you know how to remove the cron job, stop PM2 startup persistence, delete the local state files, and revoke the API key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs the agent to write to files in the user's home directory such as ~/price-history.jsonl and ~/commands.json, but provides no warning, consent boundary, or path restrictions. Even if intended for normal operation, this creates a persistent local side effect surface and could overwrite existing files, leak data into predictable locations, or be repurposed by an autonomous agent in unsafe ways.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.