Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AutoSignals

v0.1.0

Monitors and controls the AutoSignals autonomous research loop.

by RunByDaVinci @clawdiri-ai
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (monitor and control an autonomous AutoSignals loop) matches the instructions: checking status, starting/stopping the loop, viewing logs, and inspecting best signals. The listed files (signals.py, backtest.py, run.py, etc.) align with the described functionality. There are no unrelated credentials or binaries requested.
Instruction Scope
The SKILL.md contains explicit shell commands that access a hard-coded local path (/Users/clawdiri/Projects/autosignals/) and run scripts (start.sh, status.sh, monitor.sh), read files (best_score.json, experiments.jsonl), and run git show on commits. These actions are coherent with a local monitoring skill, but they grant the skill authority to read and execute arbitrary files at that path — review those scripts and code before running. It also references WhatsApp alerts and agent spawning (LLM agents) but provides no configuration details for alerts or agent credentials; this is a descriptive note rather than unexplained access to external services.
Install Mechanism
Instruction-only skill with no install spec and no code files to write to disk. This is the lowest-risk install posture; nothing is downloaded or extracted by the skill itself.
Credentials
The skill declares no required environment variables or credentials. While SKILL.md mentions possible future integrations (WhatsApp, Alpaca, Finnhub), none are required by the current instructions. That is proportionate to the current on-disk monitoring/control role.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). The skill does not request persistent marketplace privileges. The main residual risk is that the instructions ask the agent to execute local scripts and inspect local files — that is expected but means the user should ensure those scripts are trusted.
Assessment
This skill is coherent: it expects to control and monitor a local AutoSignals repository at /Users/clawdiri/Projects/autosignals/. Before using it, manually inspect the referenced directory and scripts (start.sh, status.sh, monitor.sh, run.py, backtest.py, prepare.py, signals.py, and any pid/log files) to ensure they don't perform unexpected network calls, exfiltrate data, or run privileged operations. Because the SKILL.md runs shell commands against your filesystem, run it only on a machine where you trust the project files. If you plan to let the agent operate autonomously, consider: limiting the agent's permissions, running it under an unprivileged user, enabling network egress controls, and adding explicit configuration for alerting endpoints (WhatsApp/Alpaca) so no secrets are stored or used implicitly. If you need this to be generic (not tied to another user's home path), update the paths to point to your repository before invoking any commands.

Like a lobster shell, security has layers — review code before you run it.

latest vk97amvx1mjptmf4dpxajzv2znx83c88w
