Alpaca Trading

Security checks across malware telemetry and agentic risk

Overview

This is a real Alpaca trading integration, but it exposes high-impact brokerage actions through broad triggers and an unrestricted curl wrapper, so users should review it carefully before installing.

Install it only if you intentionally want an agent to act on your Alpaca account. Keep the default paper-trading endpoint (paper-api.alpaca.markets) unless you explicitly need live trading, use paper or restricted API keys where possible, and require a clear readback and explicit confirmation before any POST, PATCH, or DELETE request, and especially before option exercise, cancel-all, or close-all commands.
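As an added illustration, not the skill's own wrapper and not part of the scan report, the shell functions below show one way to enforce the recommendations above around a curl call: the paper endpoint is the default, the live endpoint is refused unless the operator has set ALPACA_ALLOW_LIVE=1 in the environment, every request is classified as read-only or state-changing, and state-changing requests get a plain-language readback and a confirmation read from the terminal rather than from the agent's own output. The function names, the ALPACA_ALLOW_LIVE variable and the readback path patterns are assumptions; the base URLs and APCA-API-KEY-ID / APCA-API-SECRET-KEY headers are Alpaca's documented ones, and the v2 route mapping should be checked against the current API reference before use.

```shell
#!/bin/sh
# Hypothetical confirmation-gated Alpaca wrapper (added example; not the skill's code).
# Assumed: Alpaca's base URLs and its APCA-API-KEY-ID / APCA-API-SECRET-KEY headers.
ALPACA_PAPER_URL="https://paper-api.alpaca.markets"
ALPACA_LIVE_URL="https://api.alpaca.markets"

# alpaca_guard METHOD PATH [BASE_URL] -> prints allow | confirm | deny
# Read-only verbs pass; state-changing verbs need confirmation; the live
# endpoint is refused unless the operator (not the agent) set ALPACA_ALLOW_LIVE=1.
alpaca_guard() {
  method=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')
  base=${3:-$ALPACA_PAPER_URL}
  if [ "$base" != "$ALPACA_PAPER_URL" ] && [ "${ALPACA_ALLOW_LIVE:-0}" != "1" ]; then
    echo deny
    return 0
  fi
  case "$method" in
    GET|HEAD|OPTIONS)      echo allow ;;
    POST|PUT|PATCH|DELETE) echo confirm ;;
    *)                     echo deny ;;
  esac
}

# alpaca_describe METHOD PATH -> one-line plain-language readback of the action.
# The path patterns are assumptions about Alpaca's v2 trading routes.
alpaca_describe() {
  method=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')
  path=${2%%\?*}                       # drop any query string before matching
  case "$method $path" in
    "DELETE /v2/orders")               echo "cancel all open orders" ;;
    "DELETE /v2/positions")            echo "close all positions" ;;
    "DELETE /v2/positions/"*)          echo "close one position" ;;
    "POST /v2/positions/"*"/exercise") echo "exercise an option position" ;;
    "POST /v2/orders")                 echo "submit a new order" ;;
    "PATCH /v2/orders/"*)              echo "replace an existing order" ;;
    "DELETE /v2/orders/"*)             echo "cancel one order" ;;
    "GET "*|"HEAD "*|"OPTIONS "*)      echo "read-only request" ;;
    *)                                 echo "modify account state" ;;
  esac
}

# alpaca_request METHOD PATH [JSON_BODY]
# Runs curl only after the guard allows it. Confirmation is read from /dev/tty,
# so a "YES" piped in from the agent's own output cannot satisfy it.
alpaca_request() {
  method=$1; path=$2; body=$3
  base=${ALPACA_BASE_URL:-$ALPACA_PAPER_URL}
  case "$(alpaca_guard "$method" "$path" "$base")" in
    deny)
      echo "refused: $method $path on $base (set ALPACA_ALLOW_LIVE=1 to permit live)" >&2
      return 2 ;;
    confirm)
      echo "ABOUT TO: $(alpaca_describe "$method" "$path")" >&2
      echo "  request: $method $base$path" >&2
      [ -n "$body" ] && echo "  body:    $body" >&2
      printf 'Type YES to proceed: ' >&2
      read -r answer < /dev/tty || answer=""
      [ "$answer" = "YES" ] || { echo "aborted" >&2; return 3; }
      ;;
  esac
  if [ -n "$body" ]; then
    set -- -H 'Content-Type: application/json' --data "$body"
  else
    set --
  fi
  curl -sS -X "$method" "$base$path" \
    -H "APCA-API-KEY-ID: ${APCA_API_KEY_ID:?}" \
    -H "APCA-API-SECRET-KEY: ${APCA_API_SECRET_KEY:?}" \
    "$@"
}

# Usage (paper endpoint by default; needs APCA_API_KEY_ID / APCA_API_SECRET_KEY set):
#   alpaca_request GET /v2/account
#   alpaca_request POST /v2/orders '{"symbol":"AAPL","qty":"1","side":"buy","type":"market","time_in_force":"day"}'
#   alpaca_request DELETE /v2/positions      # prompts: "ABOUT TO: close all positions"
```

The important design choice is where the confirmation comes from: reading it from /dev/tty rather than stdin means an agent that drives the wrapper cannot answer its own prompt, and an environment without a terminal fails closed. Keeping ALPACA_ALLOW_LIVE out of the skill's own configuration, so only the operator's shell sets it, preserves the paper-trading default even if the agent is told to "switch to live".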

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings (README)

Severity: Medium
Confidence: 84%

Finding: The README explicitly promotes live trading and other irreversible financial operations but does not warn users that these can place real-money trades, exercise options, or take other actions with financial consequences. In an agent-skill context, presenting these capabilities without prominent safety guidance raises the chance that users or downstream agents will invoke them without realizing they may affect a live brokerage account.

Vague Triggers

Severity: Medium
Confidence: 88%

Finding: The trigger phrases are very broad and include common financial terms such as buy, sell, trade, call, put, and stock price, so the skill can activate in ambiguous conversations that have nothing to do with the user's brokerage account. Because the skill can read account data and submit trades, accidental activation materially raises the chance of an unintended sensitive action.

Missing User Warnings (command reference)

Severity: Medium
Confidence: 95%

Finding: The command reference lists many live brokerage and account-modifying commands without any prominent warning that they can place trades, liquidate positions, alter account settings, or exercise options in a real account. In an agent setting, this omission raises the chance of unsafe execution from ambiguous or insufficiently confirmed user requests, especially because financial actions can be irreversible or time-sensitive.

VirusTotal

61 of 61 vendors reported this skill as clean. A clean result only means no engine matched the files against known malware signatures; it says nothing about the behavioral findings above, which concern what the skill is permitted to do rather than whether its code is malicious.