ClawHub

Grvt Markets

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about being a GRVT trading tool, but it gives an agent sensitive authority over crypto trades, transfers, withdrawals, leverage, and stored private keys.

Install only if you are comfortable letting an agent operate a crypto derivatives CLI. Prefer testnet, avoid using large balances or production private keys, do not use --yes for financial actions, require explicit approval for each live trade, transfer, withdrawal, leverage change, or config export with secrets, and rotate or clear credentials after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger wording is ambiguous because it mixes benign read-only use cases with dangerous financial actions without clear constraints. In this context, ambiguous routing is risky: an agent may invoke the skill for fund movements or trading actions without strong safeguards, especially given the skill itself documents unaudited software and plaintext key storage.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger wording is ambiguous because it mixes benign read-only use cases with dangerous financial actions without clear constraints. In this context, ambiguous routing is risky: an agent may invoke the skill for fund movements or trading actions without strong safeguards, especially given the skill itself documents unaudited software and plaintext key storage.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation includes examples that pass an API key and Ethereum private key directly on the command line, which can expose secrets through shell history, terminal logging, audit logs, and process listings visible to other local users or monitoring tools. In the context of a trading skill for a derivatives exchange, compromise of these credentials can enable unauthorized trading, account access, fund movements, and withdrawal-related abuse.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This documentation presents live trading commands that create or modify exchange state without an explicit warning that they can place real orders, cancel protection orders, or otherwise affect funds and positions. In an agent skill context, omission of a clear safety notice increases the chance that a user or downstream agent executes examples as if they were harmless demonstrations, leading to unintended financial loss.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The leverage-setting command lacks any warning that increasing leverage materially raises liquidation risk, reduces margin for error, and can amplify losses very quickly. Because this skill is specifically for a live derivatives exchange, the missing warning is more dangerous than in generic docs: an agent or user may treat leverage changes as routine configuration rather than a high-risk account action.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal