VibeTrader

Security checks across malware telemetry and agentic risk

Overview

VibeTrader is a coherent trading integration, but it gives an agent live trading and account-changing authority without clearly documented confirmations or risk controls.

Review this carefully before installing. Use paper mode first. Do not provide a live-trading-capable key unless you trust VibeTrader and have verified broker-side limits. Require explicit human confirmation for live orders and bot deletion. Keep the API key scoped and revocable, and rotate it if exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence: 95%
Finding
The README explicitly encourages live trading and direct purchase actions such as "Buy $500 of TSLA" and advertises "Live & Paper Trading" without any visible warning about financial risk, order execution consequences, or the need for user confirmation before real-money actions. In a conversational multi-channel setting, this increases the chance that users misunderstand examples as safe defaults and trigger unintended live trades with real financial loss.

Missing User Warnings

High
Confidence: 94%
Finding
The skill advertises live trading, manual order placement, position closing, and bot deletion as normal capabilities without prominent warnings, confirmation requirements, or discussion of irreversible financial/account consequences. In a finance skill, this creates a real risk that an agent or user could trigger real-money trades or destructive account actions based on ambiguous prompts or misunderstanding of the current trading mode.

Missing User Warnings

High
Confidence: 96%
Finding
The example prompts normalize switching to live trading and placing orders without any accompanying caution that these actions may immediately execute real-money trades. Because the skill is specifically designed for brokerage interaction, examples like these can encourage unsafe agent behavior and reduce the likelihood of users recognizing the need for explicit confirmation and risk checks.

Missing User Warnings

Medium
Confidence: 86%
Finding
The manifest declares a required API credential and a remote SSE MCP endpoint, but provides no user-facing notice about how that credential is handled or whether any sensitive trading-related data may be transmitted to the remote service. In a finance/trading skill, this omission is more dangerous because users may supply a credential that enables access to live account actions, portfolio data, or trading operations without clear disclosure of transmission and trust boundaries.

VirusTotal

65/65 vendors flagged this skill as clean.
