Quant Analyst

Security checks across malware telemetry and agentic risk

Overview

This skill needs Review because it mixes a crypto trading skill with an unrelated video-generation skill and includes real trading authority with exchange credentials.

Install only after manually reviewing the external repositories and deciding which skill this is supposed to be. Treat the English video file as a packaging error or unrelated behavior. For any trading use, start with backtesting or paper trading, use restricted exchange API keys with withdrawals disabled, set tight limits, and require explicit confirmation before any live order.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

High
Confidence: 99%
Finding
The skill metadata says it is a cryptocurrency quantitative trading system, but the file actually defines a video-generation tool. This mismatch can cause the wrong capability to be invoked, bypass user/operator expectations, and lead an agent to execute unrelated installation and shell commands against external repositories. In a skill ecosystem, deceptive or incorrect identity materially increases supply-chain and misuse risk.

Vague Triggers

Medium
Confidence: 92%
Finding
The auto-trigger rules are broad enough to activate on ordinary discussion about videos or on any multi-sentence text that resembles a script. That can cause the agent to launch external tooling and transmit user content to third-party services without sufficiently explicit intent, increasing the chance of unintended actions, privacy issues, and unnecessary command execution.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill uses OpenAI TTS and Whisper, but it does not clearly warn that user-provided script or audio content will be sent to external APIs. Users may unknowingly provide sensitive or proprietary material, creating privacy, confidentiality, and compliance risks when the agent forwards that data off-host.

Vague Triggers

Medium
Confidence: 93%
Finding
The auto-trigger section includes broad terms such as 'quant' and strategy-related phrasing that can match loosely related user requests and cause this skill to activate in inappropriate contexts. Because this skill can progress from analysis into paper or live trading workflows, accidental invocation increases the chance of unsafe financial actions or misleading automation in a high-risk domain.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill description prominently advertises live trading capability but does not present an equally prominent upfront warning that the skill may initiate real financial actions with exchange credentials. In a trading context, this omission is dangerous because users or downstream agents may underestimate that the skill can interact with real accounts and place orders, leading to financial loss.

VirusTotal

66/66 vendors flagged this skill as clean.
