XAUUSD
v1.0.0Institutional Desk-Level Fully Automated Trading OS for XAU/USD and XAG/USD. Event-driven, risk-first, multi-engine architecture that runs as a continuous analysis and execution pipeline inside OpenClaw's trader agent.
⭐ 2· 1.3k·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code, README, and SKILL.md consistently implement an institutional-grade trading OS for XAU/USD and XAG/USD (price feed, engines, MT5 integration, alerts, dashboard). That capability aligns with the name/description. However the registry metadata at the top claims 'Required env vars: none' and 'Primary credential: none' while manifest.json, README.md, and the code clearly expect broker/API credentials (METAAPI_TOKEN, MT5 account details) and optional alert tokens. This metadata mismatch is a notable inconsistency.
Instruction Scope
Runtime instructions and README tell the operator to copy files to a server, run npm install, create a .env containing METAAPI_TOKEN / MT5 account info and optional WhatsApp/Telegram tokens, then start the service (pm2 recommended). The SKILL.md and code also allow switching into fully-automated (autonomous) execution. Those instructions grant the skill the power to place and manage live trades if valid credentials are supplied — this is expected for a trading skill but is high-impact and must be explicit to users. Also the README examples use scp to root@claw1 (running as root suggested), which is unsafe advice.
Install Mechanism
There is no registry install spec (the skill is instruction-only), but full source files are included and package.json lists normal npm dependencies (metaapi.cloud-sdk, axios, ws, etc.). Installation relies on 'npm install' per README. There are no downloads from obscure URLs or shorteners in the provided files. Overall install mechanism is standard for Node projects, but the registry not providing an automated install is inconsistent with including runnable code in the skill bundle.
Credentials
The code and README require broker/API credentials and optional messaging/API keys (METAAPI_TOKEN, MT5 account ID/login/password, WHATSAPP_TOKEN, TELEGRAM_BOT_TOKEN, etc.), which are proportionate to the stated purpose (a trading system must authenticate to a broker). The concern is the registry metadata omitted these requirements entirely; that omission could mislead non-technical users into granting credentials without realizing the skill needs them. The number and sensitivity of env vars is appropriate for the purpose but must be disclosed up-front.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable; model invocation is allowed (the platform default). It writes local state/log files (data/*.json, desk-os.log), exposes a local WebSocket dashboard, and is designed to be run persistently (pm2). All of that is expected for a long-running trading agent, but because it can act autonomously to execute trades when provided credentials, running it persistently increases blast radius; run in a controlled environment and start in advisory/simulated mode first.
What to consider before installing
This package appears to be a real trading bot and requires live broker credentials to function (METAAPI_TOKEN / MT5 account info). Before installing:
- Do not assume the registry metadata is accurate — manifest/README/code require sensitive environment variables. Treat that omission as a red flag.
- Inspect broker-related files (broker/mt5-connector.js, broker/order-manager.js, broker/risk-guard.js) yourself or have a developer/auditor review them to verify they behave as claimed (no hidden remote endpoints, no credential exfiltration, proper error handling and halting logic).
- Never paste real broker credentials into a package you haven't audited. Test with a simulated/demo account or with the system in Mode 1 (Advisory) where it uses simulated prices.
- Do not run as root or on a production server. Run inside an isolated environment (VM/container) with least privilege and network controls.
- If you plan to enable live execution, restrict the API credentials to minimum required scope, rotate secrets after testing, and monitor all orders closely. Consider having manual approval gates before enabling Mode 3 (Fully-Automated).
- Because provenance is unknown (no homepage, unknown source owner), prefer an audit or source-of-truth repo copy before trusting it with real funds.
If you want, I can: 1) highlight specific lines in mt5-connector/order-manager for risky behavior, or 2) summarize what env vars each file reads so you see where secrets are used.Like a lobster shell, security has layers — review code before you run it.
latestvk9705z1jvycee1p7wpn4c64nh180zb62
License
MIT-0
Free to use, modify, and redistribute. No attribution required.