Security audit

Cue Margin Trading

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent for Cue-based margin-trading research, but it asks the agent to fetch and run unpinned remote code that can use a local Cue API key.

Review this before installing if you are not comfortable with a skill updating code under ~/.cue and running it with access to your Cue account credentials. Prefer using a trusted, pinned runner version and confirm what will be installed before the first run.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 96% confidence
Finding: The skill directs the agent to clone or update a remote Git repository into the user's home directory and then execute code from that checkout. This expands the skill from passive research into arbitrary remote code retrieval and execution, creating a supply-chain risk if the repository, mirror, branch, or transport path is compromised.

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The skill explicitly relies on a local API key stored under ~/.cue/config.json and tells the agent the runner will read it automatically. Accessing credentials from the user's home directory is a sensitive capability not inherent to margin-trading research and could expose or misuse secrets if the runner or surrounding workflow is compromised.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal