ClawHub

Vault Intelligence

Security checks across malware telemetry and agentic risk

Overview

This skill is a text-only guide for analyzing Paradex vault data and does not install code, request secrets, or move funds.

Before installing, consider that this skill may shape financial decisions by ranking and recommending Paradex vaults. It does not execute deposits or withdrawals and does not ask for wallet credentials, but users should verify vault data, lockup terms, and risk independently before acting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger scope is overly broad because it instructs invocation not only for explicit Paradex vault requests, but also for generic terms like "yield," "earn," and "passive" in a Paradex context. This can cause unintended routing into a financial recommendation skill, increasing the chance of irrelevant activation and unrequested investment-oriented analysis in ambiguous user conversations.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal