LP Agent
Security checks across static analysis, malware telemetry, and agentic risk
Overview
LP Agent's behaviour matches its stated trading purpose, but it handles crypto wallet private keys and deploys trading infrastructure with weak default credentials and unpinned remote code, so it needs careful review before use.
Only install this if you are comfortable running automated DeFi trading infrastructure. Use a dedicated wallet with limited funds, change default Hummingbot/API credentials immediately, verify the API is local and trusted before entering any private key, and pin or review the Hummingbot API code before deployment.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the API is reachable by another local user, container, browser-origin path, or network exposure, known credentials could allow unauthorized trading or wallet management.
The non-interactive installer creates known default credentials for the Hummingbot API/config. This API is the backend used for wallets and trading actions, so weak defaults materially expand account and fund-control risk.
```bash
echo "Setting up with defaults (admin/admin)..."
...
USERNAME=admin PASSWORD=admin CONFIG_PASSWORD=admin
```
Change all default credentials before adding a wallet, keep the API bound to localhost or a trusted network only, and avoid importing a high-value wallet.
A compromised or misconfigured API endpoint could receive a private key that controls on-chain funds.
The wallet-import script intentionally collects a raw Solana private key and sends it to the configured Hummingbot API. That is purpose-aligned for a trading gateway, but it is extremely sensitive authority.
```python
private_key = getpass.getpass("Enter private key (base58): ")
...
data = {
    "chain": args.chain,
    "private_key": private_key,
}
...
result = api_request("POST", "/accounts/gateway/add-wallet", data)
```
Verify HUMMINGBOT_API_URL points to a trusted local Hummingbot API before entering a key, use a dedicated low-balance trading wallet, and never paste a primary wallet key or seed phrase.
A change or compromise in the remote repository or its dependencies could alter the software that controls trading infrastructure.
The installer fetches the current state of a remote repository and deploys it without a pinned commit, tag, checksum, or reviewed vendored source. That remote code becomes part of the trading stack.
```bash
REPO_URL="https://github.com/hummingbot/hummingbot-api.git"
...
git clone "$REPO_URL" "$INSTALL_DIR"
...
make deploy
```
Pin a reviewed release or commit, inspect the Docker Compose and Makefile before running, and avoid upgrading with unreviewed `git pull` on wallets holding meaningful funds.
Later commands in that environment may resolve `sudo` to this shim instead of a real sudo implementation, which changes the expected privilege behavior.
When running as root without sudo, the installer writes an executable named `sudo` into `/usr/local/bin`. This is a persistent modification of the system path outside the skill directory.
```bash
echo -e '#!/bin/bash\nwhile [[ "$1" == *=* ]]; do export "$1"; shift; done\nexec "$@"' > /usr/local/bin/sudo
chmod +x /usr/local/bin/sudo
```
Run setup inside a disposable container or VM, avoid running the installer as root on a host system, and remove the shim if it was created unexpectedly.
Incorrect parameters, market movement, or unattended automation can cause losses, fees, or unwanted on-chain positions.
The strategy is designed to automatically open, close, and rebalance LP positions through the gateway. This matches the skill purpose, but it is real financial mutation authority.
- **Automatic rebalancing** when price exits position range ... Opens/closes via gateway
Start with small amounts, review pool address and strategy parameters carefully, monitor active controllers, and know how to stop strategies before deploying them.
