Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Trading Co-Agent Pro
v1.0.0AI協助監控並修復交易腳本缺漏,主動執行和補救加密貨幣及股票自動交易,持續優化交易效能。
⭐ 0· 54·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's stated purpose is autonomous execution and remediation of live crypto/stock trades, but the package declares no required environment variables, no primary credential, and no required config paths. The included script expects a config.json (rpc_endpoints, tokens_to_monitor, trading_params, risk_limits) and the runtime behavior implies wallet/private-key or exchange API access for signing/sending transactions—none of which are declared or explained. This mismatch is disproportionate and incoherent with the stated capability.
Instruction Scope
SKILL.md directs the agent to run a 5-minute monitoring loop, 'actively execute trades', 'repair scripts', re-run failed trades, and perform emergency remediation. These instructions permit reading/writing logs, accessing configuration, editing/fixing scripts, and sending transactions. The instructions are broad and vague (e.g., '修復腳本', '做出決策並執行') and grant the agent wide discretion without explicit guardrails or limits, which is scope creep for a typical monitoring/helper skill.
Install Mechanism
There is no install specification (instruction-only plus a small Python script). Nothing is downloaded or installed by the registry spec, which minimizes supply-chain risk. The provided Python script is local and readable.
Credentials
Executing real trades would normally require sensitive secrets (wallet private keys or exchange API keys) and network credentials (RPC endpoints). The skill requests none of these in metadata; the script implicitly relies on a local config.json but no config path was declared. This under-declaration is a red flag: the skill either omits required sensitive inputs (poor design) or expects users to place secrets in unspecified locations (risky).
Persistence & Privilege
always is false (good), but model invocation is enabled (default), which means the agent could autonomously act on the broad trade-and-fix instructions. Combined with the vague instructions to modify scripts and perform live trades, autonomous invocation increases potential impact if credentials are provided or stored insecurely. The skill does not document user confirmation/approval steps for real trades.
What to consider before installing
This skill is internally inconsistent: it promises autonomous execution and repair of live trades but does not declare how it will obtain the sensitive credentials or config it needs. Before installing or enabling it consider: 1) Do not supply private keys or exchange API credentials until you inspect and approve where/how they are stored; prefer hardware wallets or exchange API keys with tightly scoped permissions. 2) Review and harden config.json usage: place credentials in a secure secrets manager and do not keep plaintext keys in repo. 3) Require explicit manual approval for any real-money trade (disable autonomous invocation or add confirmation steps). 4) Audit the code paths that would sign/send transactions and any code that edits other scripts. 5) If you plan to run it, run in a sandboxed environment with limited credentials and test thoroughly in simulation before granting live-trading access. If you want, provide the missing information (where credentials/config are expected and how script updates are applied) and I can re-evaluate.Like a lobster shell, security has layers — review code before you run it.
coagentvk971wmgf48p5fh4qge6fe1zcqs847cd6latestvk971wmgf48p5fh4qge6fe1zcqs847cd6signalsvk971wmgf48p5fh4qge6fe1zcqs847cd6tradingvk971wmgf48p5fh4qge6fe1zcqs847cd6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.