Trading212 API

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent for Trading 212 API use, but it gives an agent live trading and financial-data access without enough action-level safeguards.

Review carefully before installing. Use DEMO mode first, verify the Trading 212 API details with official documentation, do not paste API secrets into chat, store downloaded reports only in a private location, and require explicit confirmation before every live order or cancellation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Context-Inappropriate Capability

Low

Confidence: 90% confidence
Finding: The skill instructs caching account-authenticated instrument metadata in a predictable shared path under /tmp. On multi-user systems or shared runtimes, that file may be readable or replaceable by other local users/processes, exposing account-scoped data and enabling cache poisoning that could mislead later trading actions.

Context-Inappropriate Capability

Low

Confidence: 84% confidence
Finding: The guidance downloads exported account history to a local CSV file without addressing sensitivity, retention, or file permissions. Transaction exports can contain detailed financial history, so writing them to disk by default increases exposure through local compromise, backups, or accidental sharing.

Vague Triggers

Medium

Confidence: 76% confidence
Finding: The trigger description includes broad phrases like 'buy stock', 'sell shares', and 'check my balance', which can cause the skill to activate in ambiguous conversations. In a high-risk financial context, unintended activation increases the chance of exposing account data or initiating trading-related flows when the user did not clearly intend to use this integration.

Missing User Warnings

High

Confidence: 95% confidence
Finding: The skill provides real-money order placement and cancellation procedures but does not place strong user-facing warnings and confirmation gates directly at those action points. Because these actions are financially irreversible or time-sensitive, presenting executable examples without mandatory confirmation materially raises the risk of accidental or impulsive trading operations.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal