Alpaca
Warn
Audited by ClawScan on May 10, 2026.
Overview
This skill connects through Membrane to an Alpaca brokerage account and exposes trading/account-changing actions, but its description and visible instructions do not clearly warn or bound those financial powers.
Review carefully before installing. Only connect an Alpaca account if you want the agent to access brokerage data, and do not allow live trades, order cancellations, configuration changes, or position closes unless you explicitly approve the exact action and details. Consider using a paper-trading account or read-only access first.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user might install or invoke the skill expecting administrative data management, not live brokerage actions that could affect investments.
The visible description frames the skill as managing organizations/users/filters, but the body describes Alpaca as a stock brokerage and lists trading actions. That mismatch can cause users to underestimate the financial authority being enabled.
description: |
 Alpaca integration. Manage Organizations, Users, Filters.
Update the description to clearly state that the skill connects to an Alpaca brokerage account and may expose trading, account-configuration, order-canceling, and position-closing actions.
If used incautiously, the agent could submit or change brokerage actions with real financial consequences.
The action catalog includes high-impact financial mutations, including creating orders, updating account configurations, canceling orders, and closing positions, but the supplied visible instructions do not show explicit user confirmation or scope limits before such actions.
| Create Order | create-order | Submit a new order to buy or sell an asset. |
Require explicit user confirmation for every trade, cancellation, configuration change, or position close; prefer paper-trading or read-only credentials unless the user clearly requests live trading.
Connecting the wrong account or granting broad access could expose or allow changes to financial-account information.
The skill relies on delegated authentication and automatic credential refresh for access to Membrane and Alpaca. This is expected for an integration, but it is sensitive because it can authorize access to brokerage account data and actions.
Membrane handles authentication and credentials refresh automatically
Authenticate only to the intended Alpaca account, use the least-privileged or paper-trading connection available, and revoke the Membrane connection when it is no longer needed.
Future CLI versions or npm supply-chain issues could affect what commands do on the user's machine.
The setup uses a global npm install with the moving @latest version. Installing the Membrane CLI is purpose-aligned, but unpinned global tooling can change behavior over time.
npm install -g @membranehq/cli@latest
Install from the trusted npm registry, consider pinning a reviewed CLI version, and avoid running commands from unexpected sources.
