ClawHub

ibkr-cli

Security checks across malware telemetry and agentic risk

Overview

This skill is openly about Interactive Brokers CLI trading, but it tells agents to prefer live brokerage profiles by default before the user has explicitly chosen live trading.

Install only if you intentionally want an agent to help operate Interactive Brokers through ibkr-cli. Prefer paper profiles, require an explicit live-account confirmation before any live command, preview every order first, and verify symbol, quantity, order type, price, account, and profile before submitting or cancelling anything.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

High
Confidence
96% confidence
Finding
The manifest description contains very broad trigger language such as general stock trading, news, screening, and company fundamentals, which can cause the skill to activate for routine finance requests that are not explicitly about IBKR CLI. In this context, over-triggering is dangerous because the skill is capable of steering users into brokerage connectivity and trading workflows, increasing the chance of inappropriate invocation for sensitive financial actions.

Missing User Warnings

High
Confidence
93% confidence
Finding
The skill description presents brokerage setup and trade execution capabilities without a prominent warning that actions may involve real accounts, real market connectivity, and actual funds. Because this is a retail brokerage context, lack of upfront disclosure increases the risk that inexperienced users misunderstand the consequences of following guidance and accidentally place or prepare live trades.

Missing User Warnings

Critical
Confidence
99% confidence
Finding
The key-principles section explicitly prioritizes live profiles over paper profiles and instructs the agent to try live connectivity first unless the user mentions paper. In a brokerage skill, this is highly dangerous because it normalizes connecting to real accounts by default and can directly lead to guidance or actions affecting actual funds without an explicit confirmation or safety checkpoint.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The setup guidance explicitly prioritizes connecting to live trading profiles before paper profiles when the user has not specified intent. In a brokerage/trading skill, this creates a meaningful risk of accidental interaction with a real funded account, which could lead to unintended orders, account actions, or exposure of live account data without an explicit confirmation step.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal