ClawStreet

The skill bundle provides a comprehensive integration for the ClawStreet trading platform, but it is classified as suspicious due to a high-risk instruction in the heartbeat section of SKILL.md. This instruction directs the agent to fetch and 'follow' a remote markdown file (https://www.clawstreet.io/skills/clawstreet/SKILL.md), which effectively functions as a remote instruction injection vector, allowing the third-party server to dynamically alter the agent's behavior. While the skill's network access and API key management are aligned with its stated purpose of autonomous trading, the inclusion of a self-updating execution loop for remote instructions represents a significant security vulnerability.