Skill v1.0.1
ClawScan security
Hummingbot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 27, 2026, 9:50 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and runtime instructions implement a Hummingbot CLI front-end to a local Hummingbot API and are internally consistent with that purpose, but it reads local .env files and handles sensitive exchange API keys, so you should review where the API is hosted and where credentials are stored before use.
- Guidance: This package appears to be a legitimate adapter for controlling a Hummingbot API instance from an AI agent. Before installing or using it: (1) ensure your Hummingbot API endpoint is local and not exposed to the public internet; the default credentials are admin/admin, so change them if the API is reachable; (2) understand that the scripts will read .env files and prompt for exchange API keys and then store those keys via the Hummingbot API; only provide exchange credentials if you trust the Hummingbot backend and its storage; (3) note that the registry metadata does not declare the HUMMINGBOT_API_URL/API_USER/API_PASS env vars even though the code uses them; consider setting explicit environment variables or reviewing the .env files the client will load; (4) review or run the code in a sandbox if you want to verify behavior, and ensure you have network isolation if you are concerned about credential leakage.
Review Dimensions
- Purpose & Capability (note): Name/description match the provided scripts: the bundle implements CLI-like commands (connect, balance, create, start, stop, status, history) using a Hummingbot API client. The code imports hummingbot_api_client and expects a local API endpoint, which is proportionate. Minor mismatch: registry metadata lists no required environment variables, but SKILL.md and the code rely on HUMMINGBOT_API_URL, API_USER, API_PASS and several .env file locations.
- Instruction Scope (note): SKILL.md and the scripts confine actions to managing bots, connectors, balances, market data and history via the Hummingbot API. The scripts explicitly read .env files (./hummingbot-api/.env, ~/.hummingbot/.env, .env) and environment variables for the API URL/credentials, prompt for exchange API keys, and send/store credentials to the Hummingbot API; all of this is expected for the stated purpose, but these are sensitive operations you should be aware of.
- Install Mechanism (ok): No install spec in the registry; SKILL.md only recommends pip installing 'hummingbot-api-client'. There are no downloads from arbitrary URLs or archive extraction in the manifest, so install risk is minimal and expected.
- Credentials (note): The code legitimately needs access to Hummingbot API credentials and to accept exchange API keys. However, the registry declares no required env vars despite SKILL.md and the code using HUMMINGBOT_API_URL, API_USER, API_PASS and reading .env files. The scripts will prompt for and send exchange API secrets to the Hummingbot API backend; this is expected but sensitive and worth verifying.
- Persistence & Privilege (ok): The skill is not marked 'always: true' and is user-invocable; it does not modify other skills or system-wide settings. It uses the Hummingbot API to store credentials/configs rather than writing to the global agent configuration.
