Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
anchored-vwap-scalper
v1.0.0 · Production single-skill BTC scalper on Lighter DEX with FULL explicit Python strategy engine + accurate incremental Anchored VWAP. 4 strategies, 1% risk, fix...
⭐ 0 · 46 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements a BTC scalping strategy for a 'Lighter' exchange (uses ccxt.lighter, places orders, computes AVWAP). Requesting an exchange private key and account/index values is reasonable for this purpose. However, the registry metadata lists no required env vars/install spec while SKILL.md declares several required env vars and an install id (ccxt-mcp) — this mismatch is unexpected and reduces trust in packaging.
Instruction Scope
SKILL.md tells the user to set environment variables (DRY_RUN, symbol, timeframe, plus LIGHTER API keys) and to run/initiate the scalper. The Python files only access the declared env vars and local filesystem paths under ../state and ../logs; they don't attempt network calls other than via the ccxt exchange client. The instructions do not request unrelated files or system-wide secrets.
Install Mechanism
The registry shows 'No install spec' but SKILL.md includes an 'install: - id: ccxt-mcp' and requires an MCP (ccxt-mcp). This inconsistency is suspicious. The code itself has no external download URLs; the only dependency is ccxt (expected). If ccxt-mcp comes from an untrusted source, that could be a risk — verify the origin of that MCP package before installing.
Credentials
The environment variables the skill uses (LIGHTER_API_PRIVATE_KEY, LIGHTER_API_KEY_INDEX, LIGHTER_ACCOUNT_INDEX, DRY_RUN, SCALPER_SYMBOL, SCALPER_TIMEFRAME) are appropriate for exchange trading. The concern is that the registry metadata omitted these required env vars / primary credential information, so automated permission gating may not present the correct prompts. Supplying a private key gives the skill full trading authority on the account — treat as high-sensitivity secret.
Persistence & Privilege
The skill does not request global or always-on privileges. It writes state and logs to relative ../state and ../logs directories (normal for a trading bot) and does not modify other skills or system-wide configs. Autonomous invocation is allowed by default (not flagged on its own) — remember an autonomous skill that can trade has real financial impact.
What to consider before installing
This package appears to implement the scalper it advertises, but there are packaging inconsistencies you should resolve before using it with real funds. Recommended precautions:
1. Verify the origin of the skill and the 'ccxt-mcp' package; prefer a known ccxt distribution.
2. Run strictly in DRY_RUN=true and test in an isolated environment first.
3. Use a throwaway exchange account or one with minimal funds and restricted permissions when you first supply keys.
4. Inspect the code yourself (or have someone you trust do so) — especially the lighter_client and order placement paths — to confirm there are no hidden endpoints or unexpected network calls.
5. Ensure your platform will prompt you for the named env vars (the registry metadata currently omits them); do not paste your production private key until you confirm the packaging and provenance.
Like a lobster shell, security has layers — review code before you run it.
latestvk975m5dmp9xef6w6xsa41zmbs983s860
