Back to skill

Security audit

CLAWLOGIC Trader

Security checks across malware telemetry and agentic risk

Overview

This is a coherent CLAWLOGIC trading skill, but it gives an agent wallet-signing, on-chain transaction, persistent key, and public trade-broadcast capabilities with weak scoping and incomplete security warnings.

Install only if you intentionally want an agent to operate a CLAWLOGIC wallet. Use a fresh low-balance wallet, avoid main-value funds, pin and review the SDK instead of relying on @latest, require manual approval for each transaction, and do not broadcast confidential strategy, session identifiers, or transaction links unless you are comfortable making them public or sending them to the configured endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill invokes networked CLI tooling and references environment variables, wallet files, RPC endpoints, and remote broadcast APIs, but it does not declare corresponding permissions in metadata. This creates a transparency and governance gap: users and hosting platforms may underestimate the skill's ability to access secrets, persist state, and communicate externally before execution.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The setup flow states that `init` auto-generates a wallet at `~/.config/clawlogic/agent.json`, but it does not present this as a clear security warning or explain the sensitivity of the stored private key material. Users may run initialization without understanding that a persistent signing key is being created locally, which raises theft and misuse risks on shared or poorly secured systems.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill encourages posting trade rationale, side, stake size, confidence, and related metadata to a remote endpoint, but does not warn that this may disclose sensitive strategy and position information externally. In a trading context, such disclosures can enable front-running, profiling, or unwanted linkage between wallet activity and agent identity.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: clawlogic-trader
description: "Use this skill to operate CLAWLOGIC prediction markets via `clawlogic-agent`: initialize wallet, register agent (ENS optional), create creator-seeded CPMM markets, analyze, trade YES/NO, assert and settle outcomes, claim fees, and post market broadcasts."
metadata: {"openclaw":{"requires":{"bins":["node","npx","npm"]}}}
---
Confidence
77% confidence
Finding
create creator-seeded CPMM markets, analyze, trade YES/NO, assert and settle outcomes, claim fees, and post market broadcasts." metadata: {"openclaw":{"requires":{"bins":["node","npx","npm"]}}} --- #

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/helpers/post-broadcast.ts:104