Edge.Trade

Security checks across malware telemetry and agentic risk

Overview

This is a real crypto trading integration that discloses its main capabilities, but it needs Review because it can place orders and manage wallet-related flows without clear consent boundaries.

Install only if you intentionally want an agent connected to Edge.Trade for crypto workflows. Use a limited API key where possible, require manual confirmation before every order, cancellation, strategy, wallet-management action, or alert subscription, and avoid invoking it for general investing education or casual token questions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding
The invocation description is broad enough to match many generic finance or investing queries, which can route users into a high-risk crypto trading skill even when they did not explicitly request trading actions. In this context, overbroad routing is more dangerous because the skill exposes order placement, wallet, and agent wallet-management capabilities, increasing the chance of unintended financial operations or unnecessary access to sensitive portfolio data.

Vague Triggers

Medium
Confidence: 92%
Finding
The manifest describes broad, high-risk capabilities such as wallet analysis, order placement, and price alerts without clearly constraining when the skill should activate or when it must refuse to act. In an agent setting, vague activation scope increases the chance the skill is invoked for unintended financial actions or exposed to prompts that trigger sensitive operations without sufficient user awareness.

Missing User Warnings

High
Confidence: 97%
Finding
The skill can place orders, make outbound network requests, and launch an MCP server using a secret API key, but the manifest does not present a clear user-facing warning about these sensitive behaviors. In a financial context, this omission is dangerous because users may not realize the skill can initiate market actions or transmit portfolio-related data to an external service.

VirusTotal

VirusTotal findings are pending for this skill version.
