Tradealpha Realtime News

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate realtime news integration, but it needs review because broad news prompts can use a local TradeAlpha token and send authenticated requests to a third-party service.

Install only if you intentionally want generic news requests to use TradeAlpha and are comfortable sending TradeAlphaToken-backed requests to quantaccess.lxaa.top. Prefer invoking it with explicit TradeAlpha wording, restrict the token scope if possible, and rotate the token if you are unsure where it has been sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill directs execution of a local Node.js script that reads an environment variable token and sends requests to an external service, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host may allow the skill to access env vars and the network without users or platform controls being explicitly informed, increasing the risk of unintended secret use and data exfiltration to a third-party domain.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger examples use very broad everyday phrasing such as asking to 'pull news' or 'look at domestic news', which can cause the skill to activate unintentionally when a user did not clearly intend to invoke this external-news integration. Because the skill performs external data retrieval and relies on a credential-backed token, overbroad invocation increases the chance of silent data transmission and unexpected third-party access.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The file states that the script reads a token from the environment variable `TradeAlphaToken` and uses it to call an external endpoint, but it does not warn users that credentials will be used or that requests are sent to a third-party service. In an agent setting, this omission can lead to uninformed credential use, accidental external transmission, and reduced ability for users or operators to assess privacy and security implications.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends a bearer token to an external third-party endpoint and also includes the same token inside the JSON request body, but it does not clearly disclose that credentials and query parameters will be transmitted off-platform. In a skill context, users may invoke this expecting local processing, so silent credential transmission increases the risk of unintended secret exposure, misuse of paid/private API access, and broader data-sharing than necessary.

VirusTotal

65/65 vendors flagged this skill as clean.
