test
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: naif Version: 1.0.0 The skill bundle is classified as benign. All files consistently describe an AI-powered trading bot skill that connects to the VibeTrader service at `https://vibetrader-mcp-289016366682.us-central1.run.app/mcp`. It requires a user-provided `VIBETRADER_API_KEY` for authentication. The `SKILL.md` and other documentation clearly outline the skill's purpose, setup, and available tools, which are all aligned with managing trading bots and portfolios. There is no evidence of prompt injection attempts against the agent, unauthorized data exfiltration, malicious execution, persistence mechanisms, or obfuscation. The inherent risks are related to the domain of live trading, not the skill's malicious design.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or unintended instruction could result in real-money trades or closing positions if live trading is enabled.
The skill exposes high-impact financial actions, including live orders and closing positions, but the artifacts do not document approval gates, trade limits, or risk controls.
`place_order` | Place a buy/sell order; `close_position` | Close an existing position; `Live Trading`: Real money trades via Alpaca brokerage
Require explicit user confirmation for every live trade and position close, document paper-vs-live safeguards, and support clear trade-size, loss, and account-scope limits.
If the key grants live-trading authority, anyone or anything able to use the configured skill could potentially affect the linked trading account.
The API key is expected, but it appears to authorize portfolio access and trading actions; the artifacts do not explain credential scopes, revocation, or whether a limited paper-only key can be used.
`authenticate` | Connect with your API key (auto-uses env var if set); `VIBETRADER_API_KEY`
Use the least-privileged key available, prefer paper-only access by default, verify revocation steps, and avoid enabling live trading until the credential scope is clear.
Portfolio information, trading requests, and bot-management commands may pass through VibeTrader's remote MCP service.
The skill routes tool calls through an external MCP server. This is disclosed and purpose-aligned, but trading instructions and account-related responses may be sent to that service.
"mcp": { "server": { "type": "sse", "url": "https://vibetrader-mcp-289016366682.us-central1.run.app/mcp" } }Install only if you trust the provider, review its privacy and security documentation, and avoid sending sensitive account details beyond what is required.
A bot could keep trading after the initial request, potentially causing ongoing financial exposure if not monitored or paused.
Persistent automated trading bots are central to the skill, but the artifacts do not document runtime limits, maximum exposure, automatic stop conditions, or monitoring requirements.
Create and manage AI-powered trading bots ... Trade stocks, ETFs, crypto, and options with automated strategies; `start_bot` | Start a paused bot
Before enabling live bots, set explicit strategy limits, position limits, stop conditions, and monitoring procedures; confirm how to pause, delete, and audit bot activity.