IBKR Trading
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: ibkr-trader Version: 1.0.0 The skill is classified as suspicious due to several high-risk capabilities, although they appear to align with the stated purpose of automating IBKR trading. Key indicators include the use of `sudo apt-get install` for system-level package installation in `SKILL.md` and `scripts/setup.sh`, downloading and executing a remote ZIP file (`clientportal.gw.zip` from `download2.interactivebrokers.com`) in `scripts/setup.sh`, and handling sensitive IBKR credentials (username/password) via environment variables for authentication. While all network communication is directed to a local gateway (`https://localhost:5000`), the combination of elevated privileges, remote code download, and sensitive credential handling without clear malicious intent warrants a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bot or agent using this helper could submit and confirm trades that affect a real brokerage account, potentially causing financial loss.
The trading wrapper automatically accepts IBKR order confirmation prompts after placing an order. That is high-impact financial mutation without a clear per-order user approval or safety limit.
if result[0].get("messageIds"):
# Confirm the order
confirm = self._post(f"/v1/api/iserver/reply/{result[0]['id']}", {
"confirmed": True
})Require explicit user approval for every order and confirmation, default to paper trading, add account and quantity limits, and remove or gate the automatic confirmation behavior.
Anyone who can read the .env file or access the running session may be able to act through the user’s IBKR account.
The skill asks the user to store IBKR login credentials locally for automated authentication. This is expected for IBeam/IBKR access, but these are high-value financial credentials.
Create `~/trading/.env`: ```bash IBEAM_ACCOUNT=your_username IBEAM_PASSWORD='your_password' ```
Use a paper account first, restrict file permissions on .env, avoid sharing the trading directory, and understand that the skill will operate with brokerage account authority.
The IBKR session may remain active longer than expected, increasing the time window in which automated code can act on the account.
The script is designed for recurring background execution and can trigger the authentication script when the session expires. This is disclosed, but it extends brokerage session persistence.
Run via cron every 5 minutes to keep session active.
...
subprocess.Popen(["bash", auth_script],
stdout=subprocess.DEVNULL,
stderr=subprocess.DEVNULL)Only enable the cron job intentionally, monitor it, provide a clear stop/logout procedure, and disable keepalive when automated trading is not needed.
Compromised or changed upstream packages could affect a trading environment that has brokerage access.
The user-run setup downloads the IBKR gateway and installs unpinned Python packages. This is consistent with the skill’s purpose, but it adds external dependency/provenance risk.
wget -q https://download2.interactivebrokers.com/portal/clientportal.gw.zip ... pip install -q ibeam requests urllib3
Verify the IBKR download, pin Python package versions, use a dedicated virtual environment, and review dependencies before using the bot with a live account.