v0.2.2

Byreal Perps CLI

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:07 AM.

Analysis

This skill is a real leveraged trading tool with local wallet access and account-changing commands, so it should be reviewed carefully before use.

Guidance: Before installing, treat this as a high-risk financial trading tool. Use testnet first, configure only limited or disposable trading authority where possible, never paste private keys into chat, and require the agent to ask for explicit confirmation before placing orders, changing leverage, canceling orders, closing positions, or updating the CLI.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
byreal-perps-cli order market <side> <size> <coin> ... byreal-perps-cli position leverage <coin> <leverage> ... byreal-perps-cli position close-all -y

The documented commands can place leveraged trades, change leverage, and close all positions. The skill does not add an explicit approval or limit-checking requirement before these high-impact actions.

User impact: If an agent runs these commands too broadly or from an ambiguous instruction, the user could incur financial losses or unwanted position changes.
Recommendation: Require the agent to show the exact command, coin, side, size, leverage, and expected impact, and get explicit user approval before any order, close, cancel, or leverage command.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
SKILL.md
npm install -g @byreal-io/byreal-perps-cli ... byreal-perps-cli update install

The skill installs and can update an external global npm CLI package. This is normal for the stated CLI purpose, but it means the installed package and future updates are part of the trusted computing base.

User impact: Installing or updating the CLI gives the external package code the ability to run locally under the user's account.
Recommendation: Install only from a trusted source, check the package/homepage before installation, and avoid updating during sensitive trading sessions unless the update is expected.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: High; Status: Concern
SKILL.md
Write commands ... Require initialized perps account with valid agent wallet ... Perps agent keys are stored locally in the byreal data directory

The skill depends on a persistent local agent wallet that can authorize trading operations, but the artifact does not describe permission scoping, spending limits, revocation, or other containment.

User impact: A configured agent wallet may allow account-changing trading actions from the local environment.
Recommendation: Use the least-privileged agent wallet available, prefer testnet or small limits first, and revoke or rotate agent credentials when no longer needed.