Security audit

Alpaca Trading Hardened

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Alpaca trading helper, but it needs review because it can place real-money trades and its safeguards are too broad for that level of access.

Install only if you are comfortable letting an agent use Alpaca trading credentials. Prefer paper-trading credentials, verify the apcacli package before installing it, never run commands that print APCA_API_KEY_ID or APCA_API_SECRET_KEY, and require explicit confirmation before any live order, cancel-all, close-all, account configuration change, or automated trading workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill description includes broad triggers like 'buy,' 'sell,' 'trade,' 'stock price,' 'portfolio,' and 'account balance,' which can match ordinary financial discussion rather than a clear request to execute trading actions. Because this skill has the ability to place orders and close positions, overbroad activation increases the chance the agent invokes a high-impact tool in contexts where the user only wanted information or general conversation.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill prominently documents destructive commands such as order submission, order cancellation, position closure, and closing all positions, but the command sections themselves do not consistently present explicit warnings that these actions may execute immediately and can affect real-money accounts if configured for live trading. In a trading skill, this context makes the issue more dangerous because mistakes can cause irreversible financial loss, especially with commands like 'position close-all' or market orders.

VirusTotal

62/62 vendors flagged this skill as clean.
