Nautilus Trader
v0.1.0
NautilusTrader algorithmic trading platform for strategy development and live trading. Use when building trading strategies, backtesting, or deploying to Hyp...
by Dan Repaci (@ahuserious)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name/description (NautilusTrader + Hyperliquid live trading) is consistent with the code and docs included. However, the skill metadata declares no required environment variables or credentials while the runtime instructions explicitly require HYPERLIQUID_PK (private key) and HYPERLIQUID_VAULT. That mismatch is incoherent and reduces transparency about what secrets the skill needs.
Instruction Scope
SKILL.md instructs the user/agent to import a local patch module (hyperliquid_patch) before importing NautilusTrader, create a .env containing a raw private key, and to run live-trading and leverage-setting scripts. Those runtime instructions cause the agent to execute bundled Python code that will use a sensitive private key; the skill instructions access sensitive environment variables that were not declared in the registry metadata. No instructions appear to demand unrelated system files, but the undisclosed secret usage is a scope and transparency problem.
Install Mechanism
There is no install spec (instruction-only), which is lower risk than arbitrary downloads. The SKILL.md recommends pip installing nautilus_trader and hyperliquid-python-sdk from PyPI — expected for this purpose. The skill does bundle three Python modules (hyperliquid_patch.py, live_trading.py, set_leverage.py) that the agent may import and execute; bundling executable code without an explicit install step or provenance is worth scrutiny.
Credentials
The runtime instructions require HYPERLIQUID_PK (a raw private key) and HYPERLIQUID_VAULT; asking for a private key is proportionate to live trading but highly sensitive. The skill metadata did not declare any required env vars or a primary credential, creating an opacity problem. There are no other unrelated credentials, but the absence of declared secrets in registry metadata while instructing to provide them is a red flag.
Persistence & Privilege
Skill flags: always=false and model invocation enabled (normal). The skill does not request permanent 'always' presence or system-level configuration changes in the provided materials. Autonomous invocation is allowed by default — combine that with the private-key usage only if you plan to let the agent act on its own with real funds.
Scan Findings in Context
[unicode-control-chars] unexpected: Unicode control characters were detected in SKILL.md. This pattern can be used to obfuscate or manipulate parsing and is not expected for a straightforward developer guide. It could be benign (formatting artifact) but warrants manual review of the raw SKILL.md and bundled files to ensure no hidden instructions or obfuscation.
What to consider before installing
Key points to consider before installing/using this skill:
- The skill explicitly asks you to provide HYPERLIQUID_PK (a raw private key) and HYPERLIQUID_VAULT in a .env, but the registry metadata declares no required environment variables — that mismatch reduces transparency.
- The package includes executable Python files (a 'patch' module and live-trading examples) that the agent is instructed to import and run; review those files (hyperliquid_patch.py, live_trading.py, set_leverage.py) line-by-line before running.
- The pre-scan found unicode control characters in SKILL.md, which can hide or obfuscate content; inspect the raw files for hidden characters or injected instructions.
- If you plan to use live trading: never use a real private key until you fully audit the code. Prefer testnet keys, a signing service, or an external signer/hardware wallet rather than placing raw private keys in .env.
- Ask the publisher for provenance (homepage, source repo, release signing). Lack of a homepage and unknown source increases risk.
- If you still want to test: run the skill in an isolated environment (air-gapped or VM), use ephemeral/testnet credentials, and monitor network calls. If the skill will be allowed to act autonomously, restrict that capability until you validate behavior.
- Additional useful artifacts to request or check: full contents of hyperliquid_patch.py and set_leverage.py, any network endpoints used by the patch, and how the patch modifies NautilusTrader internals.
