Axelrod

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

Axelrod appears coherent for crypto trading, but it can use trading API keys to place and automate real trades, with under-declared credential needs and only conditional confirmation.

Treat this like granting a trading bot access to real funds. Install only if you trust AIxVC, use limited/revocable keys, require explicit approval before any trade or strategy, and review active automated orders regularly.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or ambiguous trading prompt could spend or swap crypto, including small trades that may execute without a second confirmation step.

Why it was flagged

The CLI can turn natural-language requests into real trading actions, and the documented confirmation flow is not guaranteed for every order.

Skill content

Spot Buy/Sell/Swap: Exchange tokens on Base chain ... Orders usually require risk-control confirmation; small orders (approximately ≤ $10) may skip confirmation.

Recommendation

Require explicit user approval before invoking the script for any buy/sell/swap/order request, and use provider-side spending limits where available.

What this means

Installing users may not realize they are granting the skill credentialed access that can query balances and submit trading instructions.

Why it was flagged

The skill requires account credentials for a trading API, while the registry metadata lists no required env vars or primary credential, under-disclosing the permission boundary.

Skill content

Configure credentials ... AIXVC_ACCESS_KEY ... AIXVC_SECRET_KEY

Recommendation

Declare the required credentials in metadata and use least-privilege API keys, account limits, and revocation/rotation practices.

Concern, High Confidence
ASI08: Cascading Failures

What this means

A single bad setup instruction could create repeated or delayed trades that continue to affect funds over time.

Why it was flagged

These examples create ongoing or future-triggered trading behavior, but the artifacts do not clearly define duration, maximum spend, or a comprehensive cancellation workflow.

Skill content

DCA 20u into ETH every day ... if 1h RSI < 30, buy 100u BTC ... buy ETH when price drops to 2500

Recommendation

Ask users to specify amount, duration, max spend, and cancellation terms before creating any automated strategy, and show active orders after setup.

What this means

Trading instructions and resulting account-related replies may be visible to the AIxVC service.

Why it was flagged

User instructions are sent to the external AIxVC gateway with signed authorization; this is purpose-aligned but creates a third-party data boundary.

Skill content

OPENAPI_ENDPOINT = "https://api.aixvc.io/gw" ... req_body = _json_compact({"message": args.message}) ... requests.post(url, data=body_json, headers=headers

Recommendation

Only use the skill if you trust the AIxVC provider, and avoid including unrelated secrets or private information in prompts.

What this means

Future installs may resolve to different dependency versions than those originally tested.

Why it was flagged

The dependency is installed via a broad version range rather than a pinned, locked version; this is not hidden, but it is a provenance and reproducibility consideration.

Skill content

requests>=2.25.0

Recommendation

Pin dependencies or use a reviewed lockfile for reproducible installs.