Skill v1.0.7
ClawScan security
Coinpilot Hyperliquid Copy Trade · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 11, 2026, 5:27 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and resource requests are consistent with an on‑chain copy‑trading tool that requires local private keys and an API key; nothing requests unrelated credentials or external endpoints beyond the stated Coinpilot/Hyperliquid APIs.
- Guidance: This skill legitimately needs local high‑sensitivity secrets (Coinpilot API key, Privy userId, and private keys for 10 wallets) to perform live copy trading. Only install and run it in a trusted local environment where you control the credentials file (~/.coinpilot/coinpilot.json). Confirm the script's allowlist (only coinpilot domains) and that file permissions are owner‑only after you populate the JSON. Understand that the script will send private keys to Coinpilot endpoints as required for starting/stopping subscriptions — if you prefer, use small dedicated follower wallets or otherwise limit funds. Do not paste or upload your populated credentials file; follow the SKILL.md instructions exactly. If you need higher assurance, review the full coinpilot_cli.mjs source before use and consider using wallets with limited balances or hardware/key‑management isolation.
Review Dimensions
- Purpose & Capability: ok. The name/description (copy‑trading on Hyperliquid via Coinpilot) matches what the skill does: it requires node, reads a local credentials JSON containing Coinpilot apiKey/userId and private keys, and performs Coinpilot/Hyperliquid calls. No unrelated credentials, binaries, or services are requested.
- Instruction Scope: ok. SKILL.md is explicit about reading a fixed local config (~/.coinpilot/coinpilot.json), never pasting secrets into chat, and only contacting allowlisted Coinpilot/Hyperliquid endpoints. It documents that write routes require private keys and instructs the user to populate them locally. The runtime instructions do not ask for unrelated file reads or exfiltration.
- Install Mechanism: ok. There is no remote install/download behavior; the skill is instruction‑first and ships a local Node script (coinpilot_cli.mjs). No external archives, shorteners, or untrusted URLs are fetched by the skill itself.
- Credentials: note. The skill requests no environment variables but requires a local credentials JSON containing highly sensitive values (apiKey, userId, primary and follower private keys). This is proportionate to live on‑chain copy‑trading, but it is high‑sensitivity and requires user caution (the README and SKILL.md acknowledge this).
- Persistence & Privilege: ok. The skill does not request always:true or other elevated persistence. It reads/writes only the fixed per‑user credentials path under the user's home and does not attempt to modify other skills or system settings.
