Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Decker AI Trading

v2.3.2

Use when user asks about Decker signals, portfolio, orders, auto-order rules, news digest, Slack/Telegram integration, or exchange API key setup. Triggers: 하...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match its instructions: it drives Decker signals, portfolio, orders, auto-order rules and integrations. Requiring a Decker↔OpenClaw secret (X-OpenClaw-Secret) is a legitimate need for calling internal APIs. However, the registry summary above lists 'Required env vars: none' while the SKILL.md metadata declares OPENCLAW_SECRET as required, an inconsistency in the published metadata.
Instruction Scope
SKILL.md explicitly instructs the agent to call internal endpoints (web_fetch GET order-request and Assistant API POST /api/v1/assistant/message) and to never disclose backend URLs or secrets to users. Those instructions align with the trading purpose (placing orders, retrieving portfolios). They do, however, give the agent the authority to trigger order-related internal calls; if credentials are present at runtime these calls could cause real trades.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk by an installer. Lowest install risk.
Credentials
SKILL.md requires OPENCLAW_SECRET (X-OpenClaw-Secret) which is proportional to calling internal Decker APIs. But the registry metadata summary claims no required env vars — a packaging/manifest inconsistency. The skill does not request unrelated credentials (exchange API keys are described as user-entered on decker-ai.com, not as env vars), which is good.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill is allowed to be invoked autonomously (disable-model-invocation:false) — this is platform default. Combined with the ability to call order endpoints and a required secret, autonomous invocation increases blast radius; by itself it's not a disqualifier but worth user consideration.
What to consider before installing
Key points to consider before installing:
- Manifest mismatch: SKILL.md declares a required OPENCLAW_SECRET but the registry summary shows no required env vars; ask the publisher to clarify/correct the manifest before trusting the skill. The skill will need X-OpenClaw-Secret (a secret credential) to call internal APIs.
- The skill instructs the agent to call internal order and assistant APIs (including a mandatory web_fetch GET order-request for orders). If the secret is provided at runtime those calls can trigger order-related actions (potentially real trades). Only provide the secret if you trust the skill and the publisher.
- Exchange API keys (Binance/Hyperliquid/Polymarket) are described as user-side settings on decker-ai.com (not skill env vars). Do not paste your exchange private keys into the skill environment; follow the platform's recommended flow (create a restricted trading-only key/wallet).
- If you are concerned about accidental trades, restrict autonomous invocation for this skill or require manual confirmation in agent settings. Ask the publisher for an explicit statement/logging/audit policy showing when/where order requests originate.
- Recommended request to the publisher: fix the manifest to list OPENCLAW_SECRET in registry metadata, and provide a short security FAQ explaining what the secret grants and how to revoke it.
- If you lack confidence in the publisher, avoid supplying OPENCLAW_SECRET or limit the agent's ability to call web_fetch/execute actions until you can review server-side behavior.

Like a lobster shell, security has layers — review code before you run it.
