Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

hyperliquid-trade

v1.0.0

Trade on Hyperliquid — spot and perpetual futures. Supports market orders (IOC), limit orders (GTC), leverage setting, and WDK wallet. Triggers: buy ETH spot...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code and SKILL.md implement trading (spot/perp) using a WDK wallet and Hyperliquid SDK — this is coherent with the name/description. Requiring the WDK vault and password file, running node scripts, and calling the Hyperliquid API are expected for a trading skill.
Instruction Scope
SKILL.md instructs the agent to perform a "Wallet-Ready Registration" that POSTs WALLET_ADDRESS and NICKNAME to https://xaue.com/api/rankings/participants and persists RANKINGS_OPT_IN and NICKNAME in ~/.aurehub/.env. Neither the external POST nor the edit to a global env file is needed to place trades; together they expand the skill's scope to sharing identifying data with a third party.
Install Mechanism
There is no platform install spec, but SKILL.md runs `npm install` in the scripts dir, which installs packages from npm (package.json and package-lock.json are present). This is a typical Node workflow but carries moderate risk: dependencies such as sodium-native may run native build steps or install-time scripts (preinstall/install/postinstall), and those scripts run with your user's privileges. Inspect package.json and package-lock.json for unexpected lifecycle scripts or tarballs resolved from non-registry URLs before running `npm install`; `npm ci --ignore-scripts` lets you install without executing any of them while you review.
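The pre-install check described above, as an added example for this review (it is not code from the hyperliquid-trade skill or from ClawHub's scanner). It reads two fields npm writes into lockfileVersion 2 and 3 files, `hasInstallScript` and `resolved`, plus the project's own `scripts` block, and reports anything that would execute or fetch from an unexpected host during `npm install`. The package.json and package-lock.json contents below are constructed samples; the skill's real files are not shown on this page, and the trusted-registry host list is an assumption.

```python
"""Pre-install audit of scripts/package.json and package-lock.json.

Added example for this review; not code from the hyperliquid-trade skill or
from ClawHub's scanner. It relies on two fields npm writes into lockfile
version 2/3 files: "hasInstallScript" (the package declares a
preinstall/install/postinstall hook) and "resolved" (the tarball URL).
The package.json and lockfile below are constructed samples.
"""
import json
from urllib.parse import urlparse

# Assumption: only the public npm registry is an expected tarball source.
TRUSTED_REGISTRY_HOSTS = {"registry.npmjs.org"}

# Hooks npm runs automatically during install; anything here executes locally.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare", "prepublish")

# Constructed sample: the project declares a postinstall hook of its own.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "hyperliquid-trade-scripts",
    "scripts": {"start": "node trade.js", "postinstall": "node setup.js"},
    "dependencies": {"sodium-native": "^4.0.0", "yaml": "^2.0.0", "left-pad": "1.3.0"},
})

# Constructed sample: one native module with an install hook, one package
# pulled from an unexpected host, one clean package.
SAMPLE_LOCK = json.dumps({
    "name": "hyperliquid-trade-scripts",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "hyperliquid-trade-scripts"},
        "node_modules/sodium-native": {
            "version": "4.0.0",
            "resolved": "https://registry.npmjs.org/sodium-native/-/sodium-native-4.0.0.tgz",
            "hasInstallScript": True,
        },
        "node_modules/yaml": {
            "version": "2.3.0",
            "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.3.0.tgz",
        },
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "https://cdn.example.invalid/mirror/left-pad-1.3.0.tgz",
        },
    },
})


def project_hooks(package_json_text):
    """Return the lifecycle hooks the project itself declares in package.json."""
    scripts = json.loads(package_json_text).get("scripts", {})
    return {hook: cmd for hook, cmd in scripts.items() if hook in LIFECYCLE_HOOKS}


def audit_lockfile(lock_text):
    """Flag dependencies that run install scripts or resolve off-registry."""
    lock = json.loads(lock_text)
    if lock.get("lockfileVersion", 1) < 2:
        # v1 lockfiles have no "packages" map and no hasInstallScript flag;
        # regenerate with `npm install --package-lock-only` (npm 7+) first.
        raise ValueError("lockfileVersion 1 is not supported by this audit")

    findings = {"install_scripts": [], "off_registry": []}
    for path, meta in lock.get("packages", {}).items():
        if path == "" or meta.get("link"):
            continue  # root project entry (see project_hooks) or workspace symlink
        name = path.rsplit("node_modules/", 1)[-1]
        if meta.get("hasInstallScript"):
            findings["install_scripts"].append(name)
        resolved = meta.get("resolved")
        if resolved:
            host = urlparse(resolved).hostname or ""
            if host not in TRUSTED_REGISTRY_HOSTS:
                findings["off_registry"].append((name, resolved))
    return findings


if __name__ == "__main__":
    hooks = project_hooks(SAMPLE_PACKAGE_JSON)
    findings = audit_lockfile(SAMPLE_LOCK)
    for hook, cmd in hooks.items():
        print(f"project {hook}: {cmd}")
    for name in findings["install_scripts"]:
        print(f"dependency with install script: {name}")
    for name, url in findings["off_registry"]:
        print(f"off-registry tarball: {name} <- {url}")
    if hooks or findings["install_scripts"]:
        print("review the hooks above; `npm ci --ignore-scripts` installs without running them")
```

On the real skill, point `project_hooks` and `audit_lockfile` at the contents of scripts/package.json and scripts/package-lock.json. A hit in `install_scripts` is not proof of malice (sodium-native legitimately builds or fetches a native binary), but it is exactly the code to read before letting `npm install` execute it.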
Credentials
The declared required local files (WDK vault and password, hyperliquid.yaml) line up with wallet usage. However, the skill also reads and writes ~/.aurehub/.env and writes marker files (~/.aurehub/.registered and ~/.aurehub/.rankings_prompted). Persisting RANKINGS_OPT_IN and NICKNAME in a global env file that other skills share is broader privilege than trading needs, and if you opt in, your WALLET_ADDRESS is sent to an unrelated domain.
Persistence & Privilege
`always: false` (good). But the skill explicitly modifies files in your home config directory (~/.aurehub/.env, .registered, .rankings_prompted). Writing to a global config used by other skills is higher privilege than operating only inside the skill's own directory and could affect those other skills; this is not necessary for core trading functionality.
What to consider before installing
This skill appears to be a legitimate Hyperliquid trading tool, but it contains extra behavior you should be comfortable with before installing:

- It reads your WDK vault and password file to derive your wallet (expected for trading), which decrypts sensitive key material in memory. Only install if you trust the code.
- It prompts you to opt into a "XAUT activity rankings" service and, if you agree, POSTs your WALLET_ADDRESS and NICKNAME to https://xaue.com and persists RANKINGS_OPT_IN and NICKNAME in ~/.aurehub/.env. Decline this prompt if you do not want your wallet address shared or your global .env modified.
- It writes marker files (~/.aurehub/.registered, ~/.aurehub/.rankings_prompted) and updates ~/.aurehub/.env. Because that file is shared across skills, back it up first and inspect its contents after installation.
- Before running `npm install`, review scripts/package.json and package-lock.json for unexpected dependencies or install-time scripts (especially packages that build or run native code, or that resolve from non-registry URLs).
- To reduce risk, run the skill in an isolated environment or VM, decline the rankings opt-in, and read the code yourself, particularly anything that makes network calls or modifies files.

For higher confidence, provide the scripts/package.json and package-lock.json contents and the publisher/origin information (homepage, repository) so the provenance and npm dependencies can be reviewed.
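The back-up-and-inspect step for ~/.aurehub/.env, as an added example for this review rather than code from the skill or from ClawHub. It parses dotenv text, diffs a snapshot taken before installation against the live file afterwards, and reports exactly which keys were added, changed or removed, so a silent write by the skill (or by any other skill sharing the file) is visible. The two dotenv texts are constructed; the file location is the one the scanner names and is assumed to be the default.

```python
"""Snapshot and diff a shared dotenv file around a skill installation.

Added example for this review, not part of the hyperliquid-trade skill.
The scanner reports that the skill writes RANKINGS_OPT_IN and NICKNAME into
~/.aurehub/.env, a file other skills read. Take a copy before installing,
then list precisely what changed. BEFORE and AFTER are constructed samples.
"""
import os
import re
import shutil
import time

# Assumption: the shared env file lives at the path the scanner names.
ENV_PATH = os.path.expanduser("~/.aurehub/.env")

# KEY=VALUE with optional leading "export"; value captured raw, quotes handled below.
_LINE = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")

BEFORE = """# constructed sample: .env before installing the skill
WDK_VAULT=~/.aurehub/vault.json
WDK_PASSWORD_FILE=~/.aurehub/vault.pass
"""

AFTER = """# constructed sample: .env after accepting the rankings prompt
WDK_VAULT=~/.aurehub/vault.json
WDK_PASSWORD_FILE=~/.aurehub/vault.pass
RANKINGS_OPT_IN=true
NICKNAME="lobster"
"""


def parse_dotenv(text):
    """Parse KEY=VALUE lines into a dict; skips comments/blanks, strips matching quotes."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            continue  # malformed line: leave it for manual inspection
        key, value = m.group(1), m.group(2).strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key] = value
    return env


def diff_env(before_text, after_text):
    """Return keys added, removed and changed between two dotenv texts."""
    before, after = parse_dotenv(before_text), parse_dotenv(after_text)
    return {
        "added": {k: after[k] for k in after.keys() - before.keys()},
        "removed": {k: before[k] for k in before.keys() - after.keys()},
        "changed": {k: (before[k], after[k])
                    for k in before.keys() & after.keys() if before[k] != after[k]},
    }


def snapshot(path=ENV_PATH):
    """Copy the env file aside with a timestamp; return the backup path, or None if absent."""
    if not os.path.exists(path):
        return None
    backup = f"{path}.{int(time.time())}.bak"
    shutil.copy2(path, backup)  # copy2 keeps the original's mode bits
    return backup


def report(path, backup):
    """Diff the live env file against a backup taken by snapshot()."""
    with open(backup) as f_before, open(path) as f_after:
        return diff_env(f_before.read(), f_after.read())


if __name__ == "__main__":
    # Offline demonstration on the constructed texts. On a real machine:
    #   backup = snapshot()            # before `npm install` / first run
    #   print(report(ENV_PATH, backup))  # after the skill has run once
    for kind, entries in diff_env(BEFORE, AFTER).items():
        for key, value in entries.items():
            print(f"{kind}: {key} = {value}")
```

Anything in `added` or `changed` that you did not put there yourself deserves a look at the code that wrote it; in this skill's case the expected additions after opting in are RANKINGS_OPT_IN and NICKNAME, and declining the prompt should leave the diff empty.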


latest: vk9748tkz7dc1j1fj1yxy1b88qn83mqnq

