Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Kalshi Crypto Momentum Trader
v1.0.5 · Uses 7-day and 30-day price trend extrapolation to trade crypto year-end price target markets on Kalshi. Requires SIMMER_API_KEY and simmer-sdk.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The stated purpose (Kalshi crypto momentum trader) matches the code: it uses a Simmer SDK client to discover and import Kalshi markets and can execute trades. Requiring SIMMER_API_KEY and SOLANA_PRIVATE_KEY is plausible for a trading skill that executes on-chain or settlement flows. However, the registry summary at the top of the submission claims 'Required env vars: none' and 'Primary credential: none', which contradicts SKILL.md, clawhub.json, and trader.py, all of which require SIMMER_API_KEY (and the manifest additionally requires SOLANA_PRIVATE_KEY). This metadata inconsistency is suspicious and should be resolved before the skill is trusted.
Instruction Scope
SKILL.md instructs the user to install the dependency and supply SIMMER_API_KEY and SOLANA_PRIVATE_KEY, and it describes live trading behavior (python trader.py --live). At runtime trader.py reads environment variables and calls SimmerClient methods as well as internal _request endpoints. SKILL.md and the code also reference environment variables (e.g., AUTOMATON_MAX_BET, TRADING_VENUE) and optional tradejournal integrations that are not declared in the top-level metadata. The instructions therefore reference env/config beyond what the registry advertises, and they direct the agent to perform sensitive actions (placing real trades with a private key); this breadth of scope deserves caution.
Install Mechanism
There is no high-risk download or install step in the skill bundle itself: the install is instruction-only, with trader.py included. SKILL.md and clawhub.json declare one pip dependency, 'simmer-sdk'. Because the skill relies on a third-party PyPI package for networked trading operations, review the simmer-sdk source (and pin the exact version you audited, since later releases may differ) before installing or providing live credentials. No arbitrary URL downloads or extracted archives were found in the submission.
Credentials
The skill requires SIMMER_API_KEY and SOLANA_PRIVATE_KEY. Both are high-value credentials, and requesting them is proportionate for an agent that executes live trades, but only if you intend to accept that risk. Problems: (1) the top-level registry metadata incorrectly lists no required env vars; (2) trader.py and SKILL.md also read other env vars (AUTOMATON_MAX_BET, TRADING_VENUE) that are absent from the registry's 'required env' summary; and (3) a raw base58 SOLANA_PRIVATE_KEY grants full control of the associated wallet, including withdrawals, not just trading authority. Provide keys only for a dedicated low-funds wallet, and only after auditing the simmer-sdk source.
Persistence & Privilege
always:false and autostart:false (in clawhub.json) mean the skill is neither force-installed nor started automatically on install, which is good. However, automaton.managed: true with an entrypoint of trader.py means the platform may run the agent for this skill once you enable it; combined with the required private key and API key, this widens the blast radius if the skill is later invoked autonomously. Autonomous invocation is normal for skills, but given the sensitive credentials involved the combination elevates risk and warrants extra caution: review the code, keep autostart disabled, and run in dry-run mode first.
What to consider before installing
Key points before you install or provide credentials:
- There is an inconsistency: the registry listed no required env vars, but SKILL.md, clawhub.json, and trader.py require SIMMER_API_KEY and (for live trading) SOLANA_PRIVATE_KEY. Treat that metadata mismatch as a red flag and ask the publisher to correct it or provide an explanation.
- SIMMER_API_KEY and SOLANA_PRIVATE_KEY are high-value secrets. Only supply them if you fully trust the publisher and have reviewed the simmer-sdk package and this trader.py source. Prefer creating a dedicated wallet with minimal funds for testing and do not use your primary private key.
- Run the skill in dry-run first (the code defaults to dry-run) and verify behavior: what network endpoints are contacted, what orders would be placed, and what data is transmitted. Monitor network traffic if possible.
- Review the simmer-sdk package on PyPI/GitHub for malicious or unexpected network calls and for versions that match the repository referenced in SKILL.md. If the publisher's homepage/repository is missing or doesn't match the package, treat that as higher risk.
- Keep autostart disabled and avoid passing --live until you have audited the code and tested in a controlled environment. Rotate any keys you use for testing afterward.
- If you need more assurance, ask the publisher for a signed release, minimal-permission API credentials, or a split-wallet approach (e.g., a trading authority that cannot withdraw funds).
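The metadata mismatch called out under Credentials, and the "review trader.py before supplying keys" steps in the list above, can be turned into a check you run locally before installing. The script below is an added example written for this page; it is not ClawHub's scanner and not part of this skill. It parses an entrypoint with Python's ast module, collects every environment variable the code reads through os.environ / os.getenv, diffs that set against what the manifest declares, and flags imports and calls that can reach the network, spawn processes, or decode embedded payloads. The manifest key `required_env`, the sample source, and the host `api.example.invalid` are constructed stand-ins (the real clawhub.json schema and trader.py are not reproduced here), so point `audit_skill` at the actual files and declared list when you use it.

```python
"""Static audit of a skill bundle: env vars the entrypoint actually reads versus
what the manifest declares, plus imports/calls that deserve a manual look."""
import ast
from dataclasses import dataclass, field

# Import roots and dotted-call prefixes worth a manual look in a trading skill.
RISKY_MODULES = {"subprocess", "socket", "urllib", "requests", "httpx",
                 "base64", "ctypes", "importlib"}
RISKY_PREFIXES = tuple(m + "." for m in RISKY_MODULES) + (
    "os.system", "os.popen", "os.exec", "os.spawn")
RISKY_BUILTINS = {"exec", "eval", "compile", "__import__"}


@dataclass
class AuditReport:
    env_referenced: set = field(default_factory=set)
    env_undeclared: set = field(default_factory=set)       # read by code, absent from manifest
    env_declared_unused: set = field(default_factory=set)  # in manifest, never read
    risky_imports: list = field(default_factory=list)      # module names
    risky_calls: list = field(default_factory=list)        # (lineno, dotted call name)


def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _str_const(node):
    """String literal value of a constant node (unwrapping the 3.8 Index node)."""
    if type(node).__name__ == "Index":
        node = node.value
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def audit_skill(source: str, declared_env: set) -> AuditReport:
    """Walk the AST once, recording env-var reads and risky imports/calls."""
    report = AuditReport()
    for node in ast.walk(ast.parse(source)):
        # os.environ["NAME"]  (also bare environ[...] after `from os import environ`)
        if isinstance(node, ast.Subscript) and _dotted(node.value) in ("os.environ", "environ"):
            name = _str_const(node.slice)
            if name:
                report.env_referenced.add(name)
        elif isinstance(node, ast.Call):
            fn = _dotted(node.func)
            # os.getenv("NAME", default) / os.environ.get("NAME", default)
            if fn in ("os.getenv", "getenv", "os.environ.get", "environ.get") and node.args:
                name = _str_const(node.args[0])
                if name:
                    report.env_referenced.add(name)
            elif fn and (fn in RISKY_BUILTINS or fn.startswith(RISKY_PREFIXES)):
                report.risky_calls.append((node.lineno, fn))
        elif isinstance(node, ast.Import):
            report.risky_imports += [a.name for a in node.names
                                     if a.name.split(".")[0] in RISKY_MODULES]
        elif isinstance(node, ast.ImportFrom) and node.module:
            if node.module.split(".")[0] in RISKY_MODULES:
                report.risky_imports.append(node.module)
    report.env_undeclared = report.env_referenced - set(declared_env)
    report.env_declared_unused = set(declared_env) - report.env_referenced
    return report


# Constructed stand-ins for a manifest and entrypoint; `required_env` is an assumed
# key, not the real clawhub.json schema, and the source is not the real trader.py.
SAMPLE_MANIFEST = {"name": "example-trader", "entrypoint": "trader.py",
                   "required_env": ["SIMMER_API_KEY"]}
SAMPLE_SOURCE = '''
import os, subprocess, base64
import requests

API_KEY = os.environ["SIMMER_API_KEY"]
PRIVATE_KEY = os.getenv("SOLANA_PRIVATE_KEY")
MAX_BET = float(os.environ.get("AUTOMATON_MAX_BET", "5"))
VENUE = os.getenv("TRADING_VENUE", "kalshi")

def fetch_markets():
    return requests.get("https://api.example.invalid/markets").json()

def run(live=False):
    subprocess.run(["echo", "live" if live else "dry-run"])
    return base64.b64decode("aGk=")
'''


def audit_sample() -> AuditReport:
    return audit_skill(SAMPLE_SOURCE, set(SAMPLE_MANIFEST["required_env"]))


if __name__ == "__main__":
    r = audit_sample()
    print("env read by code       :", sorted(r.env_referenced))
    print("missing from manifest  :", sorted(r.env_undeclared))
    print("declared but never read:", sorted(r.env_declared_unused))
    print("risky imports          :", r.risky_imports)
    for lineno, name in sorted(r.risky_calls):
        print(f"line {lineno}: {name}")
```

On the constructed sample the report shows three variables the code reads that the manifest never declares (SOLANA_PRIVATE_KEY, AUTOMATON_MAX_BET, TRADING_VENUE), which is exactly the shape of the mismatch flagged above. The pass is purely static: it will not see names built at runtime or reads routed through getattr, so treat an empty hit list as "nothing obvious", not as a clean bill, and still run the entrypoint in dry-run mode with network monitoring as the list recommends.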