Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

HL Privateer

v1.0.1

Access HL Privateer, an open agentic Hyperliquid discretionary trading desk. Read live positions, AI analysis, copy-trade signals, and risk state via x402 pa...

by Andrew Wilkinson (@adwilkinson)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the provided files: a REST/WebSocket API exposing trading positions, analysis, copy-trade signals gated by x402 payments. Network access to api.hlprivateer.xyz and the x402 payment flow are consistent with the stated purpose.
Instruction Scope
Instructions are narrowly scoped to calling the REST/WebSocket endpoints and performing the x402 pay-per-call flow. However, the docs include explicit code examples that require a private key (privateKeyToAccount('0x<your-private-key>')) and show signing client code — which may prompt an agent to request or handle sensitive keys. The SKILL.md does not instruct reading unrelated system files, but the payment flow implicitly requires signing capability.
Install Mechanism
No install spec or code is included (instruction-only). Nothing is written to disk by an installer; lowest install risk.
Credentials
The skill does not declare required environment variables or a primary credential, yet its operation requires a wallet/private-key capable of signing x402 payments (or an external signer). The package shows examples that embed private keys in code — a sensitive requirement that is not declared. This is disproportionate only insofar as the skill fails to declare how credentials should be provided and encourages insecure handling.
Persistence & Privilege
The skill's always flag is false, and there is no instruction to modify other skills or system-wide config. The skill does not request permanent platform-level privileges.
What to consider before installing
This package is coherent with its advertised function (paid trading endpoints using x402) but you should be careful before using it: to access most endpoints you must sign x402 payment challenges, which requires a wallet signing key or external signer. The skill does not declare that credential requirement, and its examples show placing a raw private key in code — avoid pasting private keys into an agent or skill. If you want to use this safely: (1) prefer signing with an external wallet or hardware wallet (WalletConnect/hw signer) rather than providing a raw private key to the agent; (2) use an ephemeral wallet funded with only the minimum funds necessary for small test payments; (3) verify the domain and facilitator (api.hlprivateer.xyz and facilitator.payai.network) independently before sending funds; (4) never store long-term secrets in agent-visible config; (5) be cautious about allowing autonomous agents to perform payments — require manual confirmation for signing. If you need stronger assurance, ask the publisher to explicitly declare credential requirements and provide a safer signing integration (e.g., redirect to an external wallet signer) rather than examples that embed private keys.
