Lighter
Security checks across malware telemetry and agentic risk
Overview
This Lighter DEX skill is mostly purpose-aligned, but it can place live mainnet trades with signing credentials without any implemented confirmation guard, and its credential requirements are under-declared in the registry metadata.
Use this only if you intentionally want an agent to interact with your Lighter account. Prefer read-only commands, verify the external Lighter SDK, use a burner or limited-permission account, keep keys out of logs, and require manual confirmation before any live order.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with valid credentials, the skill can place real trades and change the user's financial positions without an extra built-in approval step.
The script directly submits an order to Lighter after command-line arguments are provided, with no implemented confirmation flag or dry-run gate before live execution.
result = await signer.create_order(...) ... asyncio.run(place_order(args.market_id, args.side, args.amount, args.price, args.order_type))
Add and enforce an explicit confirmation parameter for every order, default to read-only/dry-run, validate size/price/slippage, and require user approval immediately before any live trade.
A user may not realize from registry metadata that installing/using the skill can involve granting trading authority over a Lighter account.
The LIGHTER_API_KEY environment variable is used as the private signing credential for orders, yet the registry metadata declares no primary credential and no required environment variables.
LIGHTER_API_KEY = os.environ.get("LIGHTER_API_KEY", "")
...
api_private_keys={3: LIGHTER_API_KEY}
Declare LIGHTER_API_KEY and LIGHTER_ACCOUNT_INDEX in the registry metadata, distinguish read-only API keys from signing/private keys, document the exact account scope, and encourage burner wallets or minimal-permission keys.
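The two findings above (no confirmation or dry-run gate before a live order, and a signing key pulled silently from the environment) can be addressed in the same guard. The following is an added example written for this review, not code from the skill or from the Lighter SDK: the `create_order` keyword arguments are an assumed call shape, the `FakeSigner` is a stand-in so the guard runs offline, and the notional cap and slippage policy values are constructed for illustration. Only LIGHTER_API_KEY and LIGHTER_ACCOUNT_INDEX are taken from the skill; the `--live` and `--yes` flags are hypothetical names.

```python
import argparse
import logging
import os
from dataclasses import dataclass
from decimal import Decimal
from typing import Optional

log = logging.getLogger("lighter_skill")


class RedactingFilter(logging.Filter):
    """Replace secret values in log messages so a key never reaches a log file."""

    def __init__(self, secrets):
        super().__init__()
        self.secrets = [s for s in secrets if s]

    def filter(self, record):
        msg = record.getMessage()
        for secret in self.secrets:
            msg = msg.replace(secret, "[REDACTED]")
        record.msg, record.args = msg, ()
        return True


@dataclass(frozen=True)
class Credentials:
    account_index: int
    signing_key: Optional[str]  # None means read-only: nothing can be signed


def load_credentials(env=os.environ):
    """Fail closed on a missing account index; treat a missing key as read-only
    rather than silently signing with an empty string as the skill does."""
    raw_index = env.get("LIGHTER_ACCOUNT_INDEX", "")
    if not raw_index.isdigit():
        raise RuntimeError("LIGHTER_ACCOUNT_INDEX must be a non-negative integer")
    key = env.get("LIGHTER_API_KEY") or None
    log.addFilter(RedactingFilter([key]))
    return Credentials(int(raw_index), key)


@dataclass(frozen=True)
class OrderRequest:
    market_id: int
    side: str        # "buy" or "sell"
    amount: Decimal
    price: Decimal
    order_type: str  # "limit" or "market"


def validate_order(req, max_notional, reference_price, max_slippage_pct):
    """Reject malformed or out-of-policy orders before anything is signed."""
    if req.side not in ("buy", "sell"):
        raise ValueError(f"invalid side {req.side!r}")
    if req.order_type not in ("limit", "market"):
        raise ValueError(f"invalid order type {req.order_type!r}")
    if req.amount <= 0 or req.price <= 0:
        raise ValueError("amount and price must be positive")
    notional = req.amount * req.price
    if notional > max_notional:
        raise ValueError(f"notional {notional} exceeds cap {max_notional}")
    slippage = abs(req.price - reference_price) / reference_price * 100
    if slippage > max_slippage_pct:
        raise ValueError(f"price is {slippage:.2f}% from reference, cap is {max_slippage_pct}%")
    return notional


def place_order(req, creds, signer, *, live=False, confirm=False, **policy):
    """Dry-run by default. A live order needs a signing key, live=True and
    confirm=True, the last being the user's approval given at call time."""
    notional = validate_order(req, **policy)
    if not live:
        log.info("DRY RUN: %s %s @ %s on market %s, notional %s",
                 req.side, req.amount, req.price, req.market_id, notional)
        return {"status": "dry_run", "notional": str(notional)}
    if creds.signing_key is None:
        raise PermissionError("no signing key loaded: read-only mode")
    if not confirm:
        raise PermissionError("live order refused without explicit confirmation")
    # Assumed call shape; the real lighter-python signature may differ.
    return signer.create_order(market_id=req.market_id, side=req.side,
                               amount=str(req.amount), price=str(req.price),
                               order_type=req.order_type)


class FakeSigner:
    """Stand-in for the SDK signer so the guard can be exercised offline."""

    def __init__(self):
        self.calls = []

    def create_order(self, **kwargs):
        self.calls.append(kwargs)
        return {"status": "submitted", **kwargs}


def run_cli(argv, env=os.environ, signer=None):
    """CLI mirroring the skill's positional arguments; --live and --yes (the
    hypothetical confirmation flag) are both required for a real order."""
    p = argparse.ArgumentParser()
    for name, typ in (("market_id", int), ("side", str), ("amount", Decimal),
                      ("price", Decimal), ("order_type", str)):
        p.add_argument(name, type=typ)
    p.add_argument("--reference-price", type=Decimal, required=True)
    p.add_argument("--live", action="store_true")
    p.add_argument("--yes", action="store_true", help="confirm the live order")
    a = p.parse_args(argv)
    req = OrderRequest(a.market_id, a.side, a.amount, a.price, a.order_type)
    return place_order(req, load_credentials(env), signer or FakeSigner(),
                       live=a.live, confirm=a.yes, max_notional=Decimal("500"),
                       reference_price=a.reference_price, max_slippage_pct=Decimal("1"))
```

Run as `run_cli(["1", "buy", "1", "100", "limit", "--reference-price", "101"])` the order is only validated and logged; adding `--live --yes` is what reaches the signer. Keeping the reference price and caps as explicit inputs rather than constants makes the policy reviewable by the user before they grant a signing key.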
Installing the external SDK gives third-party package code access to the local environment where trading credentials may be present.
Full trading relies on an external SDK; the skill discloses this and advises review, but the dependency is not pinned or installed by a reviewed install spec.
Requires the official Lighter SDK. Review and verify before installing: - SDK Repository: https://github.com/elliottech/lighter-python
Install the SDK only from the verified official source, use a virtual environment, pin known-good versions, and review the package before providing trading keys.
