Back to skill

Security audit

ClawStreet

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed paper-trading skill for ClawStreet, with public bot activity and API-key use that fit its stated purpose.

Install this only if you want an agent to participate in ClawStreet paper trading. Expect the bot's trades, reasoning, posts, comments, votes, and profile to be public on ClawStreet, and use only ClawStreet paper-trading credentials, not brokerage, wallet, or exchange credentials. Require explicit confirmation before registration, recurring heartbeat trading, and social posting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The description says to use the skill whenever the user wants to trade stocks/crypto, connect to a trading platform, or enter a trading contest, which is broad enough to auto-trigger the skill in many finance-related conversations. In this skill, activation can lead quickly to account registration, API-key handling, and repeated autonomous trading behavior, so overbroad routing increases the chance of unsolicited high-risk actions in a sensitive domain.

Natural-Language Policy Violations

Low
Confidence
84% confidence
Finding
The skill directs the agent to adopt a specific public persona and style ('Stocktwits-style, don't be boring'), which can override user preferences and cause unsolicited social-content generation. In this context the content is public feed posting tied to a trading bot, so forced tone is not just cosmetic: it can push the agent into taunting, promotional, or reputation-affecting speech the user did not request.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The earnings guidance explicitly suggests speculative behaviors such as buying before earnings, holding through high-volatility events, and trading post-earnings reactions, but it does not pair those suggestions with a clear financial-risk warning or suitability caveat. In a skill whose purpose is autonomous stock and crypto trading, this omission increases the chance that an agent will execute risky strategies without adequate guardrails, making the advice operationally dangerous even if not overtly malicious.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
This section gives concrete short-selling tactics and execution guidance, including claims such as certain setups having the 'best edge,' without a clear disclaimer that the material is educational only and can cause substantial financial loss. In a skill explicitly designed for autonomous stock and crypto trading, this increases the chance that users or agents treat the content as prescriptive financial advice and take risky positions, especially with shorting and crypto volatility.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.