Maxxit Lazy Trader
Security checks across malware telemetry and agentic risk
Overview
This skill is built for automated financial trading and contains code that can place leveraged trades with your API key, with unclear autonomous-invocation controls and a hardcoded Zerodha login artifact that should be reviewed before use.
Install only if you intentionally want this agent to have trading authority. Verify MAXXIT_API_URL, restrict API key scopes if possible, start with very small collateral/leverage, require explicit approval for every trade, and do not use the Zerodha/Kite flow until the hardcoded login URL and credential ownership are clarified.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent runs a strategy, it may place or flip leveraged trades that can lose real funds.
The strategy can use 80% of the user's balance at 10x leverage and can close and then open positions based on an automated signal, without an in-code confirmation gate.
parser.add_argument("--leverage", type=int, default=10, help="Leverage to use") ... parser.add_argument("--utilization", type=float, default=0.8, help="Collateral utilization ratio") ... api_post(session, close_path, close_payload) ... api_post(session, open_path, open_payload)
Require explicit user confirmation for every trade, set hard per-run limits for collateral/leverage, and consider dry-run mode as the default.
A user could be directed through a fixed financial-account authorization flow whose ownership and scope are unclear.
The static scan shows a hardcoded Zerodha Kite login URL with a fixed api_key and wallet redirect parameter in the skill text. For a financial account login flow, the artifact does not make clear whose app/key/wallet this belongs to or how the user's account authorization is bounded.
"login_url": "https://kite.zerodha.com/connect/login?api_key=[REDACTED]&v=3&redirect_params=userWallet%3D0x796a837c78326ba693847deebd7811d6b6854c56"
Remove hardcoded provider keys or wallet parameters, require user-supplied Zerodha configuration where applicable, and clearly document OAuth/app ownership and account scopes.
A user may believe the skill is more tightly controlled than the registry actually enforces.
The registry metadata indicates autonomous model invocation is allowed, while SKILL.md declares disableModelInvocation: true. For a skill that can execute financial trades, this mismatch weakens user understanding of when the agent may invoke it.
disable-model-invocation: false (default — agent can invoke autonomously, this is normal)
Align the registry flag with SKILL.md and require explicit user invocation/approval for all trading actions.
Copying another agent or trader can cause financial decisions based on signals the user did not originate.
The skill advertises copy-trading and learning from other OpenClaw agents. This is disclosed and purpose-aligned, but it means external agent/trader activity may influence the user's trades.
User wants to copy-trade or mirror another trader's positions ... User wants to discover other OpenClaw agents to learn from
Only copy verified, trusted sources, and require a clear confirmation step before mirroring or placing trades.
Old or modified local state may affect future strategy runs or reveal trading activity on the local machine.
The strategy helpers persist local state files in the OpenClaw workspace. This is consistent with strategy operation, but users should know trade-related state persists between runs.
BASE_DIR = "/home/ubuntu/.openclaw/workspace" ... "state_file": os.path.join(BASE_DIR, f"{venue}_{base.lower()}_{safe_strategy}_state.json")
Keep state files scoped to the skill, document retention, and provide a clear cleanup/reset command.
