Clap Trader

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it can place real Binance trades without a built-in confirmation or spending limit.

Review carefully before installing. Use only a restricted Binance API key with withdrawals disabled, start with dry-run, require your own explicit approval before every live order, set external spending and symbol limits, and treat the generated logs as private financial records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill directly instructs execution of live Binance market orders using real API credentials, but the warning focuses on secret handling rather than financial loss, irreversible asset movement, or the need for explicit user confirmation. In this context, an autonomous or semi-autonomous agent could place real trades immediately, causing direct monetary loss from bad decisions, prompt injection, or misuse.

Missing User Warnings

High
Confidence: 97%
Finding
The script places live Binance orders immediately when invoked without any secondary confirmation, safety interlock, or explicit acknowledgement that real funds will be used. In an agent skill context, this is especially dangerous because automated or mistaken invocations can directly trigger irreversible financial transactions.

VirusTotal

64/64 vendors flagged this skill as clean.
