Copy Trading Infrastructure: Protocol-Agnostic Copy Trading with Verified Leader Performance

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only copy-trading guide, but its examples drive sensitive financial automation with under-scoped safety checks and some misleading verification claims.

Review carefully before installing or following the examples. Use only sandbox endpoints and test credentials until you add real signature verification, period-bounded metric checks, webhook authentication, replay protection, manual approval gates, and dry-run or paper-trading defaults. Do not provide production API keys, signing keys, wallet credentials, or exchange access unless you have audited and constrained the implementation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The follower's `_verify_claim_chain` function only checks for the presence of a `signature` field and simple hash linkage, but the surrounding text claims independent cryptographic verification of signed claim history. This mismatch can cause users to trust unverified leader performance data, enabling spoofed or tampered histories to pass as 'verified' and influencing automated copy-trading decisions with real financial consequences.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The escrow logic is described as evaluating leader performance for a specific evaluation period, but the sample code pulls current aggregate reputation metrics instead of period-bounded metrics. That can incorrectly release or refund escrow based on lifetime or latest aggregate values, allowing fund movement under false premises and undermining the protection model the guide advertises.

Missing User Warnings

Medium
Confidence: 86%
Finding
The guide includes examples that create escrow arrangements and later release funds, but it does not prominently warn that using production endpoints or real credentials could lock or transfer actual money. In a financial automation context, omission of that warning increases the chance of accidental fund movement by users copying examples verbatim.

Missing User Warnings

Medium
Confidence: 84%
Finding
The webhook registration example treats sending trade signals to a user-controlled endpoint as routine, without clearly warning about privacy exposure, authenticity validation, and the possibility of triggering automated trading logic. If implemented naively, an insecure or misconfigured webhook could leak strategy data or accept forged signals that cause unauthorized trades.

VirusTotal

66/66 vendors flagged this skill as clean.
