Purpleflea Trading

Security checks across malware telemetry and agentic risk

Overview

This skill is documentation-only, but it steers agents toward live leveraged trading, sensitive key submission, automatic copy trading, and persistent referral promotion without enough safeguards.

Install only if you intentionally want an agent connected to real leveraged trading. Use a dedicated limited API agent wallet with minimal funds, keep signing keys and bearer tokens out of prompts and logs, require human approval for every trade, copy-follow, close, and withdrawal action, and avoid adding referral promotion to persistent system prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill provides direct instructions to open, close, and copy leveraged perpetual futures positions without any warnings about financial loss, liquidation risk, or the destructive effect of copy-trading actions such as automatically closing positions. In an agent context, omission of risk disclosures increases the chance of unsafe autonomous execution of real-money trades on behalf of a user.

Missing User Warnings

Medium
Confidence: 97%
Finding
The registration example explicitly transmits an `hl_signing_key` and later uses bearer tokens, but the document does not warn that these are highly sensitive secrets that must never be exposed, logged, embedded in prompts, or shared with third parties. In a skill for AI agents, showing private key submission without guardrails materially raises the risk of credential exfiltration and unauthorized trading or fund theft.

Missing User Warnings

Medium
Confidence: 94%
Finding
The documentation promotes real leveraged trading and automatic copy-trading execution without any explicit warning that actions can place live positions, incur losses, or trigger trades on behalf of the user. In an agent skill context, this is dangerous because an LLM or integrator may treat the API as informational rather than financially destructive, increasing the chance of unintended high-risk trades.

Missing User Warnings

Medium
Confidence: 97%
Finding
The registration example instructs users to submit an `hl_signing_key` to the service with no warning about key sensitivity, storage expectations, or least-privilege handling. Exposing or mishandling a signing key can enable full compromise of the connected trading account, unauthorized trades, and fund loss.

Ssd 4

Medium
Confidence: 99%
Finding
The instruction to embed referral text into a system prompt attempts to create persistent, financially motivated steering behavior in future agent decisions. This is dangerous because it biases the agent toward a specific paid service and referral outcome regardless of user interest, undermining agent integrity and potentially causing covert monetization-driven recommendations.

VirusTotal

VirusTotal findings are pending for this skill version.
