claudelabs

SUSPICIOUS: the skill’s purpose is crypto research/trading, but its footprint centers on installing a third-party skill and enabling autonomous financial actions without clear safeguards, provenance verification, or data-flow transparency. The main risks are transitive skill installation and unsupervised trading rather than confirmed malware.

This module poses a significant command injection and operational risk because it constructs shell commands using user-supplied input and runs them with execSync. The input sanitization is insufficient (only escapes double quotes) so an attacker can likely inject shell constructs to run arbitrary commands. Given the module controls a financial CLI (bankr) and exposes a trading action with no authorization, exploitation could lead to unauthorized trades or system compromise. The code does not show clear signs of intentional malware, but it is dangerously implemented and should be treated as high risk until exec usage is made safe (use spawn with args array, validate/whitelist commands, or strongly validate inputs and enforce auth).