OpenMM Exchange Setup
Audited by ClawScan on May 10, 2026.
Overview
The guide is mostly purpose-aligned, but it asks users to create trading-capable exchange credentials and optionally pass them to an unpinned MCP npm package outside the declared install package.
Review the MCP setup carefully before using it with real exchange accounts. If you install this skill, create dedicated API keys with withdrawals disabled, IP-whitelist them where possible, avoid storing secrets in shared config files, verify and pin any npm packages you run, and start with test or low-balance accounts.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: If these keys are exposed or misused, trades could be placed or modified on the user's exchange accounts, even though withdrawals are disabled.
Description: The guide asks users to create API keys with trading/order authority. It also recommends disabling withdrawals, which makes the behavior disclosed and purpose-aligned, but the keys can still affect financial accounts.
Evidence: Required permissions for each exchange: ... Enable Spot Trading ... Create & Modify Orders ... No Withdraw permission
Recommendation: Use separate limited-purpose keys, disable withdrawals, enable IP whitelisting, start with test or small-balance accounts, and rotate keys if there is any doubt.
Finding 2
Impact: A user may run additional package code that was not declared in the skill install metadata, while also configuring sensitive exchange credentials.
Description: The declared install package differs from the optional MCP runtime package, and the npx command is unpinned. That extra package would be executed outside the declared install path.
Evidence: package: "@3rd-eye-labs/openmm" ... "command": "npx", "args": ["@qbtlabs/openmm-mcp"]
Recommendation: Verify that @qbtlabs/openmm-mcp is the intended official package, pin a trusted version, inspect its documentation/source, and avoid passing real exchange keys until the package is trusted.
Finding 3
Impact: Once configured, an MCP-connected agent or server may have access to trading-capable exchange credentials, increasing the impact of mistakes or misuse.
Description: The MCP setup passes exchange API keys and secrets into a separate MCP server, but the artifact does not define the server's tool permissions, data boundaries, or approval requirements.
Evidence: "mcpServers": { "openmm": { "command": "npx", "args": ["@qbtlabs/openmm-mcp"], "env": { "MEXC_API_KEY": "your_key", "MEXC_SECRET": "your_secret" } } }
Recommendation: Only include credentials for exchanges you truly need, use least-privilege non-withdrawal keys, restrict keys by IP where possible, and configure MCP tool approvals or isolation before enabling it.
