Agent Trading Bot

Security checks across malware telemetry and agentic risk

Overview

This looks like a trading-bot skill rather than malware, but its real-money financial framing is under-scoped and its documentation overstates safety and trading capabilities.

Review carefully before installing or using with real funds. Use paper mode only unless you have inspected the script, use restricted exchange API keys with withdrawals disabled, limit account balances, and do not rely on the advertised live trading, backtesting, kill-switch, or risk controls as complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The Quick Start presents a live trade command without the documented --live safety flag, directly contradicting the stated requirement for explicit live-mode confirmation. In a trading skill, contradictory invocation guidance can normalize unsafe execution patterns and may lead users or downstream agents to attempt real-money actions without the intended confirmation barrier.

Missing User Warnings

Medium
Confidence: 95%
Finding
This file provides concrete trading strategies, risk levels, entry/exit signals, and execution parameters without an explicit warning that real-money use can lead to partial or total financial loss. In the context of an agent trading bot skill that supports live exchange execution, omission of a prominent financial-risk warning can cause users to over-trust the guidance and deploy strategies with real funds without understanding the consequences.

VirusTotal

67/67 vendors flagged this skill as clean.
