Back to skill

Security audit

Crypto Trading Agents

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed crypto trading skill, but it can automate real Binance trades and share trading/account details externally with weak setup guardrails.

Review this carefully before installing. Use Binance testnet first, restrict API keys to the minimum needed with withdrawals disabled, inspect and pin the external repository, avoid curl-to-shell installation, and do not enable auto-trading or WeChat notifications unless you understand the financial and data-sharing risks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes automatic trading plus WeChat webhook notifications that may transmit trading signals, order executions, account status, positions, and error details to a third-party service without a prominent privacy and data-sharing warning. This creates a real risk of unintentional disclosure of sensitive financial activity and account metadata, especially in an automated workflow where users may enable notifications without understanding what leaves the system.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The script downloads a remote installer over the network and immediately executes it in the shell via a pipe. This creates a supply-chain risk: if the remote host, transport path, or installer content is compromised, arbitrary code will run on the user's machine during setup with no verification or explicit warning.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.