Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Temp Skills
v1.0.0Integrates OKX API for spot and contract trading, asset management, risk control, and real-time market data with automated risk checks and logging.
⭐ 0· 30·1 current·1 all-time
bysteve xia@danihe001
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill description says it integrates OKX (requires API access), but the registry metadata declares no required env vars/credentials. The SKILL.md itself contains a plaintext OKX API key, UID, and proxy — credentials that should have been declared or supplied by the user. This is an incoherent declaration: a trading skill needs credentials, but the metadata does not request any.
Instruction Scope
Runtime instructions tell the agent to initialize the OKX API, query balances, and place orders, and include an explicit API key, UID, and local proxy. Instructions also require logging and to 'notify Steve' on exceptions, but do not say where logs or notifications go. The instructions therefore ask the agent to use credentials and perform network-enabled trading actions and external notifications without specifying endpoints or provenance.
Install Mechanism
No install spec and no code files (instruction-only). That minimizes disk writes and supply-chain risk, but it also means all runtime behavior depends on the agent executing the prose (network calls) — there is no bundled code to inspect.
Credentials
The skill embeds a full API key with trading permissions directly in SKILL.md rather than declaring it as a required credential or asking the user to provide their own. This gives the skill direct authority to execute trades against someone else's account (or to use an account supplied by the skill author) and is disproportionate to what should be shared in a marketplace listing.
Persistence & Privilege
always:false (normal). Autonomous invocation is allowed by default; combined with the embedded trading credential this creates a significant blast radius because the agent could autonomously place real trades using the included API key without explicit per-action user approval.
What to consider before installing
Do not install or enable this skill unless you fully trust its source and intent. Specific actions to consider before proceeding:
- Treat the plaintext API key in SKILL.md as a red flag: ask the publisher why a key is embedded and whose account it is. Do not assume it's safe.
- Prefer skills that require you to supply your own API credentials via declared env vars or config; avoid skills that ship with built-in trading keys.
- If you must test, do so in a sandbox/testnet environment and ensure the skill uses read-only or test credentials.
- Ask where logs and notifications go (who is 'Steve'?). Require explicit endpoints and consent for notifications.
- Disable autonomous invocation or require manual confirmation for any trade actions until you verify behavior.
- If the exposed API key belongs to you, rotate it immediately and remove it from the skill description.
Given the clear mismatch between metadata and SKILL.md and the ability to execute trades, treat this skill as suspicious unless the author provides a clear, verifiable justification and safer credential handling.Like a lobster shell, security has layers — review code before you run it.
latestvk974h9de4hcsx3dtgqw6eegdkx846gqq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.