Lighter
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its Lighter DEX purpose, but its live trading script can submit real mainnet orders without an enforced confirmation and uses high-privilege trading credentials.
Read-only market/account queries appear aligned with the skill purpose. Before enabling trading, use a burner or limited account, set LIGHTER_ACCOUNT_INDEX explicitly, review and pin the Lighter SDK, and do not run live order commands unless the exact market, side, size, price, and account have been separately confirmed.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent or user running the script with parameters could place a real mainnet trade and change account funds without a separate confirmation step.
The order script directly submits a live Lighter order from command-line parameters. It does not implement a confirm=true flag, final approval prompt, dry-run default, or slippage/loss guard for this high-impact financial action.
result = await signer.create_order(...)
...
parser.add_argument("--amount", type=float, required=True, help="Order amount")
...
asyncio.run(place_order(args.market_id, args.side, args.amount, args.price, args.order_type))

Require an explicit confirmation flag and show a final order summary before signing or submitting; default to read-only or dry-run behavior unless the user clearly approves the exact trade.
A missing or misconfigured account index could cause trades or account actions on an unintended subaccount, potentially the user's main account.
The script uses the provided key as a private signing key and silently falls back to account index 0 if LIGHTER_ACCOUNT_INDEX is missing, even though SKILL.md describes the account index as required for orders.
LIGHTER_ACCOUNT_INDEX = int(os.environ.get("LIGHTER_ACCOUNT_INDEX", "0"))
...
signer = lighter.SignerClient(
    url=API_URL,
    account_index=LIGHTER_ACCOUNT_INDEX,
    api_private_keys={3: LIGHTER_API_KEY}
)

Fail closed when LIGHTER_ACCOUNT_INDEX is absent, clearly label the key as a trading/signing private key, and require users to confirm the target account before live trades.
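As an added example (not the audited skill's code), the pre-flight logic the first two findings call for: a fail-closed LIGHTER_ACCOUNT_INDEX parser and a dry-run-by-default order gate that only submits with an explicit --confirm flag after building the summary the user must approve. OrderRequest, load_account_index, place_order_guarded and the injected submit callable are assumed names; the real Lighter SDK call is left out.

```python
import argparse
import os
from dataclasses import dataclass

# Added example (not the audited skill's code): hardened pre-flight for the order script.
@dataclass(frozen=True)
class OrderRequest:
    market_id: int
    side: str
    amount: float
    price: float
    order_type: str

def load_account_index(env=None):
    """Fail closed: a missing or malformed index is an error, never subaccount 0."""
    env = os.environ if env is None else env
    raw = env.get("LIGHTER_ACCOUNT_INDEX")
    if raw is None or not raw.strip():
        raise ValueError("LIGHTER_ACCOUNT_INDEX is required for order placement")
    try:
        index = int(raw)
    except ValueError:
        raise ValueError(f"LIGHTER_ACCOUNT_INDEX must be an integer, got {raw!r}") from None
    if index < 0:
        raise ValueError("LIGHTER_ACCOUNT_INDEX must be non-negative")
    return index

def order_summary(order, account_index):
    """The exact trade the user must approve: account, market, side, size, price, type."""
    return (f"account={account_index} market={order.market_id} side={order.side} "
            f"amount={order.amount} price={order.price} type={order.order_type}")

def place_order_guarded(order, account_index, confirm, submit):
    """Dry-run by default; `submit(order, account_index)` is the signing/submission callable."""
    summary = order_summary(order, account_index)
    if not confirm:
        return {"submitted": False, "summary": summary}
    return {"submitted": True, "summary": summary, "result": submit(order, account_index)}

def build_parser():
    parser = argparse.ArgumentParser(description="Lighter order placement with explicit confirmation")
    parser.add_argument("--market-id", type=int, required=True)
    parser.add_argument("--side", choices=("buy", "sell"), required=True)
    parser.add_argument("--amount", type=float, required=True, help="Order amount")
    parser.add_argument("--price", type=float, required=True)
    parser.add_argument("--order-type", default="limit")
    parser.add_argument("--confirm", action="store_true",
                        help="Submit the live order; omitted = print the summary only")
    return parser
```

Without --confirm the script returns the summary and never reaches the signing callable, so an agent invoking it with parameters alone cannot move funds.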
Installing or updating the external SDK could change the code that handles signing keys and order submission.
The trading path depends on external Python packages with lower-bound rather than pinned versions, and the trading SDK is optional/manual rather than captured by an install spec. This is disclosed and purpose-aligned, but users should verify the package source.
requests>=2.31.0
# Optional: lighter-sdk>=1.0.3 eth-account>=0.12.0  # Only install if you need order placement capabilities
Review the official SDK, pin exact package versions, and use a dedicated burner wallet or limited trading key before enabling order placement.
