Back to skill

Security audit

Nautilus Trader

Security checks across malware telemetry and agentic risk

Overview

This skill is legitimate NautilusTrader guidance, but it can trigger broadly, run machine-changing setup commands, and guide live trading without a clear approval gate.

Review before installing. Use this only for explicit NautilusTrader work, do not let an agent run setup automatically, replace curl-to-shell installers with verified package-manager or checksum-based steps, and keep real exchange credentials out of the environment until you intentionally choose sandbox or live trading. Require explicit confirmation before any production exchange connection or live-trading command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (6)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is overly broad and could cause the agent to activate on generic trading-related requests, including ambiguous cases where the user did not explicitly ask for NautilusTrader. That increases the chance the agent will steer users into high-risk workflows such as environment setup, dependency installation, exchange connectivity, or live trading guidance without sufficiently clear user intent.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill includes guidance for paper trading, live trading, and connecting to exchanges or brokers, but it does not require an explicit safety warning or confirmation gate before operational or potentially financial-impacting actions. In this context, omission of that warning makes misuse more likely because users may be guided directly from setup into real-market actions.

External Script Fetching

Low
Category
Supply Chain
Content
```bash
# macOS (Rust + clang are typically available, just ensure Rust is installed)
curl https://sh.rustup.rs -sSf | sh -s -- -y
source $HOME/.cargo/env

# Linux (Ubuntu)
Confidence
95% confidence
Finding
curl https://sh.rustup.rs -sSf | sh

External Script Fetching

Low
Category
Supply Chain
Content
source $HOME/.cargo/env

# Linux (Ubuntu)
curl https://sh.rustup.rs -sSf | sh -s -- -y
source $HOME/.cargo/env
sudo apt-get install -y clang
```
Confidence
95% confidence
Finding
curl https://sh.rustup.rs -sSf | sh

External Script Fetching

Low
Category
Supply Chain
Content
#### 4b. Install uv (if not already available)

```bash
curl -LsSf https://astral.sh/uv/install.sh | sh
```

#### 4c. Install nautilus_trader
Confidence
95% confidence
Finding
curl -LsSf https://astral.sh/uv/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
#### 4b. Install uv (if not already available)

```bash
curl -LsSf https://astral.sh/uv/install.sh | sh
```

#### 4c. Install nautilus_trader
Confidence
93% confidence
Finding
| sh

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.