x-trading

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed trading-account API reference skill; it handles sensitive financial data but does not include hidden code, persistence, or automatic execution.

Install only if you intend to let an agent access your X trading account. Use the least-privilege API key possible, prefer read-only permissions unless you need trading, avoid requesting account history in shared contexts, and manually verify every order before confirming it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (89% confidence)

Finding:
The trigger phrases are broad enough to activate on common finance-related language, which can cause this skill to load in contexts where the user did not clearly intend account access. In a trading skill, unintended invocation increases the chance of exposing sensitive portfolio or balance data or routing general finance questions into account-specific actions.

Missing User Warnings

Medium (92% confidence)

Finding:
This file documents endpoints for highly sensitive financial data, including identity, balances, and positions, but provides no privacy notice, consent boundary, or guidance to verify authorization before access. In the context of a trading skill, that omission is more dangerous because the data is personal financial information and unauthorized disclosure could materially harm user privacy and security.

Vague Triggers

Medium (89% confidence)

Finding:
The trigger list includes very broad generic terms such as "history," "report," and "transactions," which can cause this skill to activate for ordinary conversational requests that were not clearly intended to access trading records. In a financial-trading context, accidental invocation can expose sensitive trade and account history to the agent flow or prompt unnecessary authenticated API calls against private user data.

Missing User Warnings

Medium (84% confidence)

Finding:
This module handles highly sensitive financial information, including deposits, withdrawals, balances, and executed trades, but provides no warning or safeguard language around privacy, authorization, or careful disclosure. Without explicit guidance, an agent may retrieve and display detailed account history too readily, increasing the risk of overexposure of confidential financial data in shared or ambiguous user contexts.

VirusTotal

66/66 vendors flagged this skill as clean.
