Security audit

AI Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real ClawMarkets trading client, but it can place market orders and encourages automation without clear approval or risk controls.

Install only if you intend to let an agent interact with a prediction-market trading API. Use a sandbox or local test backend first, avoid real API keys until you have reviewed the code, and require per-trade confirmation, position limits, trusted HTTPS endpoints, and a clear stop condition before enabling automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README provides a full autonomous trading loop that continuously fetches market data, derives signals, and executes buy/sell orders without any documented safeguards such as risk limits, human confirmation, position caps, kill switches, or warnings about financial loss. In an agent skill context, this materially increases the chance of unsafe real-money or high-impact automated actions being deployed directly from documentation examples.

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list is broad enough to match common discussion terms like trading, buying, selling, and strategy, which could invoke the skill in contexts where the user did not intend to perform market-related actions. In a trading skill, accidental invocation is more dangerous because it can expose trading functions or lead the agent toward financially impactful workflows without clear user intent.

Missing User Warnings

High
Confidence: 97%
Finding
The skill advertises market creation, buying/selling, strategy execution, and automated trading loops without any warning about financial loss, unintended order placement, or the need for explicit user confirmation. Because this is a trading context, omission of risk disclosure and transactional safeguards materially increases the chance of harmful real-world actions and unauthorized or poorly understood trades.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill exposes live trading primitives (`buy` and `sell`) that immediately submit orders to a backend without any built-in confirmation, dry-run mode, or explicit user-risk acknowledgement. In an agent setting, this is dangerous because ambiguous prompts, prompt injection, or automation mistakes could trigger real financial transactions and irreversible losses.

VirusTotal

66/66 vendors flagged this skill as clean.