Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Aster-Skill

v1.0.0

Monitors crypto news for BTC, ETH, SOL, BNB; classifies sentiment; and executes leveraged long/short orders on Aster with risk controls.

by AsterSkill (@asterskillagent)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (monitor news, classify sentiment, place leveraged orders on Aster) matches the code: it uses an OpenNews client, OpenAI for classification, and an Aster client to place orders. The skill.json declares OPENAI and ASTER credentials and an optional Twitter token which are appropriate for the stated purpose. Minor inconsistency: the registry summary at the top of the report stated 'Required env vars: none' while the included crypto-news-trader-skill.json explicitly requires ASTER_API_KEY, ASTER_API_SECRET, and OPENAI_API_KEY.
Instruction Scope
SKILL.md and the code stick to the described flow: fetch news via OpenNews MCP, format and send articles to OpenAI, interpret the JSON response, and place MARKET orders on Aster with stop-loss/take-profit and cooldowns. The skill sends article content (titles, excerpts, URLs, engagement metrics) to OpenAI — expected for the classifier but note this transmits potentially sensitive or proprietary text to OpenAI.
Install Mechanism
The published package is instruction-first but includes source that imports third-party npm packages (@asterdex/aster-skills-hub, opennews-mcp, openai). crypto-news-trader-skill.json declares an MCP install via 'npx clawhub install opennews-mcp', which will fetch and execute remote code. There is no clear, verifiable upstream homepage or release provenance for these modules in the skill metadata. Installing arbitrary npm/MCP packages is moderate-to-high risk unless packages are audited and pinned to known safe versions.
Credentials
The environment variables required by the skill.json (ASTER_API_KEY, ASTER_API_SECRET, OPENAI_API_KEY, optional TWITTER_BEARER_TOKEN) are consistent with its functionality. These are highly sensitive credentials (especially exchange API keys). The skill does not request unrelated credentials, but granting these keys to an unvetted skill carries financial and privacy risk. The code uses a default Aster base URL (https://api.asterdex.com) and does not attempt to exfiltrate secrets, but users should limit key permissions (e.g., disable withdrawals) and consider testnet keys.
Persistence & Privilege
The skill.json includes a schedule ('*/5 * * * *'), so it is intended to run automatically every 5 minutes and may execute trades without manual approval. While 'always' is false, autonomous scheduled invocation plus exchange keys means the skill can repeatedly act on the user's account — a high blast radius if the skill or its dependencies are malicious or buggy. The skill does not modify other skills or system settings.
What to consider before installing
This skill implements an autonomous trading bot and requires your Aster exchange API keys and your OpenAI key. That is coherent for the feature, but it is high-risk to give these secrets to an unvetted skill with no homepage or known publisher. Before installing: (1) Review source of @asterdex/aster-skills-hub and opennews-mcp packages (audit code, pin versions); (2) Use an exchange API key that has no withdrawal permissions and limited trade permissions and set small position sizes or use sandbox/testnet keys first; (3) Consider running manually (disable scheduled/autonomous runs) or require human confirmation for order execution; (4) Limit OpenAI usage or use a dedicated key, and be aware article content is sent to OpenAI; (5) Monitor logs and have a plan to revoke credentials quickly if unexpected trades occur. If you cannot audit the dependent npm/MCP packages and the Aster client, treat this skill as risky and avoid providing real exchange credentials.


