ClawHub

Exchange Copy Trading

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent and instruction-only, but it can automate a real exchange copy-trading commitment using a logged-in financial account.

Install only if you intentionally want OpenClaw to assist with real exchange copy trading. Use your own verified official exchange URL, keep limited funds in the session, verify the trader and amount yourself, and require the agent to stop before the final confirmation unless you explicitly approve the exact details shown on the page.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Low
Confidence
84% confidence
Finding
The reference file leaves future exchange support broadly described without clearly constraining when those actions may be invoked or what safety gates must apply. In a financial-automation skill, underspecified activation scope can cause the agent to generalize from Bitget behavior to other exchanges or trigger trading-related flows on ambiguous user requests, increasing the chance of unauthorized or unintended account actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documented flow explicitly automates entering a follow amount and clicking follow/confirm, but it does not require a user-facing warning or explicit last-mile confirmation before committing a copy-trading action. Because this operates on a logged-in exchange account with real funds, the absence of a warning materially raises the risk of unintended financial commitments or abuse through prompt ambiguity/social engineering.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal