Security audit

Signal Verification Network: Cryptographic Proof for Trading Signals

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only trading-signal verification guide with disclosed credential and escrow examples, but users should treat its payment and credential samples as high-risk production patterns that need review.

Install only if you intend to build with GreenHelix trading-signal verification. Use sandbox credentials first, do not expose long-lived signing keys or API keys to an agent runtime, add explicit approvals before escrow release or dispute filing, validate webhook destinations, and review the timestamp and dispute-evidence logic before relying on it for real funds.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium (94% confidence)

Finding:
The guide explicitly claims proof relies on platform-recorded timestamps, but the implementation stores and returns locally generated `time.time()` values for `committed_at` and related timing fields. That mismatch can cause downstream systems or users to rely on provider-controlled clocks as if they were authoritative proof, weakening the core anti-backdating guarantee of the design.

Intent-Code Divergence

Medium (91% confidence)

Finding:
The documentation says disputes submit serialized evidence, but the actual `file_dispute` implementation discards the evidence package and sends only a text reason. This creates a false assurance that disputes are data-backed and can lead to incomplete adjudication, failed recoveries, or easy repudiation because the verifiable proof is never attached to the dispute.

Missing User Warnings

Medium (84% confidence)

Finding:
The skill requires an `AGENT_SIGNING_KEY` and repeatedly demonstrates API credential usage without a strong warning against hardcoding, logging, or exposing secrets. In a guide aimed at production-ready workflows, this omission increases the chance users will embed long-lived keys in code, shells, notebooks, or agent configs that may later leak or be reused by attackers.

Missing User Warnings

Medium (89% confidence)

Finding:
The examples perform financially and operationally sensitive actions such as escrow creation/release, dispute filing, and webhook registration without prominent warnings about side effects, authorization requirements, or confirmation safeguards. In an agent setting, users may adapt the code into automation that moves funds, triggers disputes, or registers external callbacks unintentionally or prematurely.

VirusTotal

64/64 vendors flagged this skill as clean.
