Fia Signals

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward crypto market-data skill that calls a disclosed external API, with payment and disclosure caveats users should notice.

Install only if you are comfortable sending crypto market queries and symbols to x402.fiasignals.com. Check the current price before using non-preview endpoints, and do not assume the market signals are financial advice or a guarantee of trading outcomes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill advertises execution of a local shell script that performs live network access, but the manifest does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users or the platform may invoke a capability-bearing skill without an explicit permission review, increasing the chance of unintended external requests or shell-side effects.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding: The README advertises paid commands and mentions prices, but it does not clearly warn that running those commands can trigger an x402 payment flow and spend USDC. In an agent setting, users may copy or authorize commands without realizing they are approving value transfer, which creates a risk of unintended micropayments or repeated charges through automation.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The trigger description contains broad natural-language phrases such as 'what's the market doing' and 'is BTC bullish', which can cause the skill to auto-invoke on loosely related conversation. Over-broad invocation increases the chance that a network-capable, shell-backed skill is selected unexpectedly, exposing user prompts or causing unneeded external calls.

Missing User Warnings

Severity: Low
Confidence: 93%
Finding: The script sends user-controlled inputs such as the selected action and symbol-derived query parameters to an external service at x402.fiasignals.com, but the help text and behavior do not clearly disclose that these values leave the local environment. This is primarily a transparency/privacy issue rather than code execution, but it can expose trading interests or queried assets to a third party.

Missing User Warnings

Severity: Low
Confidence: 95%
Finding: The preview action performs a direct network request to the external API without any corresponding notice in the advertised help output for that action. In a security-sensitive agent environment, undisclosed outbound requests reduce user awareness and can leak usage metadata or queried market interests.

VirusTotal

66/66 vendors flagged this skill as clean.