ClawHub

Bybit Futures

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed Bybit futures trading toolkit with real-money trading capability, but the reviewed artifacts do not show hidden behavior, exfiltration, or deceptive execution.

Install only if you intentionally want a crypto futures trading system. Start with paper trading or Bybit testnet, use an isolated low-balance account, create an API key limited to Contract trading with no withdrawal or asset permissions, prefer environment variables or a secrets manager, pin dependencies, and enable Telegram or systemd persistence only if you understand what data is shared and how to stop the bot.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The quick-start flow tells users to validate with paper trading and then switch to live trading, but it does not clearly warn that live mode can place irreversible real-money orders. In a financial trading context, the absence of an explicit risk warning makes accidental loss materially more likely, especially for users following setup steps mechanically.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs users to place API keys in a local config file without warning that these credentials are highly sensitive and may permit account access or trading actions. In a live trading system, exposed keys could enable unauthorized trades, data access, or account abuse if the file is committed, logged, or stored insecurely.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The Telegram integration sends trading events to a third-party messaging service, but the documentation does not warn users that potentially sensitive operational and financial data may leave the local system. This can leak positions, balances, strategy activity, or error details to external infrastructure and chat recipients.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The note explicitly recommends Read-Write contract API permissions, which are necessary for live futures trading but also enable real order placement if the bot is misconfigured, compromised, or pointed at production instead of testnet. In a trading-bot skill, this increases the chance of unintended leveraged trades and financial loss unless strong warnings, least-privilege guidance, and safe-by-default controls are included.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal