PTRADE Quantitative Strategy Generator

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed PTRADE trading-code generator, but it should be reviewed carefully because its templates can place live market orders and one template can sell all account positions.

Install only if you intentionally want PTRADE trading-code generation. Review every generated strategy before use, fix the moving-average template bug, restrict any rebalance logic to holdings created by that strategy, and test in backtest or simulation before connecting to a live account. Do not enable auto-ordering, margin/futures, fund transfers, or notification credentials without explicit limits and monitoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The code intended to detect a moving-average crossover computes `prev_long` using a single historical close (`close[-params["long_window"]-1]`) instead of the previous long-window average. This breaks the documented strategy logic and can generate incorrect buy/sell signals, which is materially dangerous in an automated trading skill because it may trigger unintended market orders and financial loss.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger keywords are broad enough to activate on ordinary discussion of trading topics, which can cause the skill to engage when the user did not intend strategy generation or trading automation. In a financial-trading context, accidental activation is more dangerous because it can steer users toward code generation and potentially live-trading workflows without a clear intent boundary.

Vague Triggers

Medium
Confidence: 91%
Finding
The Chinese trigger description lists general quantitative-trading terms without specifying exclusion cases, so routine conversation about trading may invoke the skill unnecessarily. Because this skill produces executable trading strategies, ambiguous activation increases the risk of users receiving automation-oriented output in situations where they only wanted information or discussion.

Missing User Warnings

High
Confidence: 96%
Finding
The README walks users from code generation to live auto-execution trading but does not warn about financial loss, unintended orders, environment misconfiguration, or the need for staged validation. In this context, the omission is serious because the skill is specifically designed to produce ready-to-run trading code that may be deployed against real assets.

Missing User Warnings

High
Confidence: 97%
Finding
The Chinese instructions explicitly tell users to subscribe the strategy and enable automatic order placement in live trading, but they omit a clear warning about asset risk, verification obligations, and operational safeguards. This is particularly dangerous because the audience is likely to follow the procedural steps directly, potentially exposing real funds to unreviewed generated code.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger keywords are broad enough to activate on generic investing or strategy-writing requests, which can cause the skill to engage in contexts the user did not explicitly intend. Because this skill generates executable trading code, accidental activation increases the chance of unsafe financial automation being produced or acted upon.

Missing User Warnings

High
Confidence: 96%
Finding
The skill documents APIs for live order placement, margin activity, futures trading, and fund transfers without guardrails, warnings, or limitations. In the context of a code-generation skill, this is dangerous because it can directly enable users to create automation that executes destructive or high-risk financial actions, including leveraged trades and money movement.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill exposes notification and account-related APIs such as email setup and user/account identity functions without guidance on secret handling or privacy. This creates risk that generated code will hardcode SMTP credentials, leak account metadata, or encourage unsafe handling of sensitive operational information.

Missing User Warnings

Medium
Confidence: 96%
Finding
The strategy unconditionally liquidates all existing positions and re-enters a newly selected basket on each rebalance cycle, using market orders and without any user confirmation, safety gate, or scope check limiting liquidation to strategy-managed holdings. In an automated trading skill, this is dangerous because a generated or deployed strategy can cause large, immediate portfolio turnover, unintended sale of unrelated positions, slippage, fees, and material financial loss if run in a live account.

Missing User Warnings

Medium
Confidence: 93%
Finding
This strategy directly submits market buy and sell orders when crossover conditions are met, with only internal logging and no user-facing confirmation, dry-run mode, position/risk checks, or trade guards. In the context of an agent skill that generates executable quantitative trading code, this is materially dangerous because a user may run the produced strategy in a live account and trigger unintended real-money trades automatically.

VirusTotal

VirusTotal findings are pending for this skill version.
