bot-trade

Security checks across malware telemetry and agentic risk

Overview

This is a coherent simulated trading skill, but its sample code contains a real safety bug that users should fix before allowing automated trades.

Install only if you want an agent to interact with the MossTrade simulated trading API. Before using automation, require explicit limits for leverage and position size, keep the API key private, and fix or avoid the provided close_position helper unless it sends reduce_only:true and validates the current position size.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

High
Confidence: 97%
Finding
The sample code’s close_position() method contradicts the earlier safety guidance by placing a reverse market order without setting reduce_only=true. In a one-way position system, this can unintentionally open a new opposite position after flattening, causing unauthorized account state changes and unexpected trading losses.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill encourages autonomous execution of trading strategies from natural-language instructions without a clear confirmation boundary or warning that this will place orders and alter account state. That creates a prompt-to-action hazard where ambiguous or casually phrased user input may trigger risky financial operations.

VirusTotal

66/66 vendors flagged this skill as clean.
