
Security audit

Smart Agent Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed trading automation skill, but it can place real Polymarket trades on a 15-minute schedule using an API key and an environment variable, which needs careful review before use.

Install only if you intend to run an automated trading agent. Keep RUN_LIVE unset unless you deliberately want real trades, use a limited-funded account or restricted key if available, set conservative TRADE_AMOUNT_USD and market parameters, and monitor scheduled runs because losses or repeated unintended trades may not be reversible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The manifest explicitly states that the AION API key is used for both market reads and trade execution, but it provides no user-facing safeguard, dry-run default, or confirmation mechanism. In a trading skill, that omission is dangerous because a user may supply credentials expecting analysis-only behavior while the skill is capable of placing real orders and causing immediate financial loss.

Missing User Warnings

High
Confidence: 98%
Finding
The RUN_LIVE environment variable enables live trading without requiring an explicit interactive --live confirmation, which weakens a critical safety control. Because this skill is scheduled via cron every 15 minutes, an accidental environment setting or inherited deployment configuration could repeatedly trigger unauthorized or unintended trades, amplifying financial risk.

VirusTotal

66/66 vendors flagged this skill as clean.
