Is skill/crypto-executor-optimizer safe?

https://clawhub.ai/skill/crypto-executor-optimizer

45
DANGEROUS

This skill poses significant security risks by combining AI persona instruction, external code execution, and autonomous financial trading capabilities. The skill downloads unverified code from GitHub, requires extensive system privileges, and instructs the AI to make autonomous trading decisions that could result in financial losses.

Category Scores

Prompt Injection 15/100 · 30%
Data Exfiltration 70/100 · 25%
Code Execution 0/100 · 20%
Clone Behavior 85/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 5/100 · 5%

Findings (5)

CRITICAL AI Persona Instruction and Autonomous Behavior -85

The skill explicitly instructs the AI agent to adopt the persona 'Wesley' and make autonomous trading decisions. This overrides normal agent behavior and creates a specific identity with financial decision-making capabilities.

CRITICAL External Code Download and Execution -70

The skill downloads executable Python code from external GitHub repositories and executes it with system privileges. This creates a significant attack vector if the external repositories are compromised.

CRITICAL System Privilege Requirements -30

The skill requires sudo access for systemctl operations and installs cron jobs, indicating deep system integration that could be abused for privilege escalation or persistence.

HIGH Financial System Risk -95

The combination of AI autonomous decision-making and live financial trading system control creates severe risk of financial loss if the skill malfunctions or is compromised.

MEDIUM Sensitive Credential Collection -30

The skill collects and stores Binance API credentials, which provide access to financial accounts and trading capabilities.