Back to skill

Security audit

Robonet

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about being a trading workbench, but it gives agents live trading deployment and restart paths without strong confirmation or loss-risk guardrails.

Install only if you trust Robonet and understand which API key, wallet, vault, and credit account the MCP server can use. Before any deployment or restart, require a separate explicit confirmation, verify symbol/leverage/account/risk limits, prefer a low-balance or isolated account, backtest first, and monitor active deployments so they can be stopped quickly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents live deployment workflows for trading bots but does not place a clear, explicit warning that these actions can initiate real-money trades and cause direct financial loss. In an agent setting, operational instructions can be acted on quickly, so presenting deployment as a normal next step after backtesting materially increases the chance of unsafe or unintended live trading.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The example prompt directly instructs the agent to deploy a strategy to Hyperliquid with leverage, but it does not warn that this could activate live, leveraged trading using real funds. Because example prompts are likely to be copied verbatim, this omission creates a strong risk of accidental execution of financially harmful actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The deployment tools explicitly support creating, starting, and stopping live trading agents on Hyperliquid, but the catalog does not clearly warn that these actions can place real trades, affect live positions, and risk real funds. In a trading skill, omission of prominent risk and confirmation guidance increases the chance that an agent or user invokes these tools as if they were harmless operational commands, leading to unintended live-market activity.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.