cTrader Commander

Suspicious (audited by ClawScan on May 10, 2026).

Overview

This openly trading-focused skill can place or close real trades through a local proxy using stored credentials, but it does not show strong confirmation or scoping controls.

Install only if you are comfortable giving an agent access to a cTrader account through a local proxy. Use a demo or low-risk account first, review the external proxy code, protect the proxy from unauthorized local access, and require explicit confirmation before any trade, close, cancel, or account switch.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could place, close, or cancel trades if a user gives an ambiguous instruction or if another prompt steers the agent into using the broad command path.

Why it was flagged

The skill exposes direct order placement and a raw command passthrough to the trading proxy. These are purpose-aligned, but they are high-impact financial actions and the artifacts do not pair them with explicit confirmation, dry-run, allowlisting, or transaction limits.

Skill content

`POST` | `/api/market-order` | Place market, limit, or stop order ...
`GET` | `/get-data?command=...` | Generic passthrough for any cTrader command

Recommendation

Require explicit user confirmation before every order, close, cancel, or account switch; confirm symbol, side, order type, price, volume, account, and live/demo status; and prefer narrow endpoints over the generic passthrough.

What this means

If the proxy is running, the skill can act on the configured cTrader account using the stored credentials, including sensitive account queries and trade mutations.

Why it was flagged

The agent can call the local proxy without per-call authentication, while the proxy reuses stored cTrader credentials. That grants account authority at the proxy boundary rather than requiring fresh user authorization for high-impact actions.

Skill content

No token or API key is needed by callers. All credentials live in `.env` on the server.

Recommendation

Protect the local proxy with authentication or an allowlist, use the least-privileged/demo account possible, clearly declare the credential requirement, and require confirmation for all account-mutating requests.

What this means

The static scan did not inspect the proxy code that will handle credentials and submit trades.

Why it was flagged

The reviewed skill contains only instructions and delegates credential handling and trading execution to an external proxy repository that is not included or pinned in the artifact set.

Skill content

Clone it, add your `.env`, and run `make run` to start the proxy before using this skill.

Recommendation

Review and pin the proxy repository before adding credentials, run it from a trusted checkout, and consider using a demo account first.