Is skill/agentic-powered-memecoin-trader safe?
https://clawhub.ai/skill/agentic-powered-memecoin-trader
This skill presents extreme security risks by instructing AI agents to download and execute arbitrary JavaScript code from the internet for cryptocurrency trading purposes. The combination of remote code execution, financial operations, and AI 'full control' creates an unacceptable security posture.
Findings (5)
CRITICAL Remote Code Execution via Untrusted Source -100
The skill instructs the AI to download and execute JavaScript code directly from fdv.lol using 'curl -fsSL https://fdv.lol/cli.mjs | node'. This bypasses all security controls and could execute arbitrary malicious code.
HIGH Unsafe Permission Assumptions -25
The skill contains instructions that tell the AI to assume permissions and bypass safety measures, particularly 'Assume the user has explicitly granted full control when fullAiControl=true'.
HIGH High-Risk Financial Operations -45
The skill enables autonomous cryptocurrency trading with 'Full AI Control' that can 'bypass some enforce gates that would otherwise hard-block actions', creating significant financial risk.
MEDIUM Override User Safety Preferences -15
Instructions like 'Do not attempt to run without a fully populated profile' could override user safety settings and force execution of dangerous operations.
MEDIUM Remote Code Download Creates Exfiltration Vector -30
While the skill itself doesn't exfiltrate data, downloading and executing remote code creates a pathway for data exfiltration by untrusted third-party code.