Solana Funding Arb Cn
Audited by ClawScan on May 10, 2026.
Overview
This skill is not just a scanner: given a Solana wallet private key it can place live trades automatically and run on a schedule, and its metadata under-declares that authority.
Review this carefully before installing. Use dry-run only at first, do not enter a main wallet private key, avoid enabling cron/live trading unless you understand and accept the loss risks, and prefer a dedicated low-balance wallet with strict limits.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If live trading code, configuration, or dependencies behave unexpectedly, funds in the configured wallet can be traded, lost, or exposed to liquidation/platform risk.
The skill asks for Solana wallet signing material for live trading, while the provided requirements declare no primary credential or required env vars. A Solana private key can authorize trades or movement of funds.
SOLANA_PRIVATE_KEY=[1,2,3,...]
# Or use wallet file
SOLANA_WALLET_PATH=/path/to/wallet.json
Do not use a primary wallet. Test only in dry-run first, then use a dedicated low-balance wallet if you proceed, and require the skill metadata to explicitly declare private-key/wallet access.
The bot can mutate on-chain positions and spend/trade wallet funds automatically once live trading is enabled.
The included engine can sign and broadcast on-chain transactions using the wallet, and it sends with `skipPreflight: true`, which skips the RPC node's simulation step, so a transaction that would fail is broadcast anyway and still pays its fee. Signing and sending is expected for a trading bot, but it is high-impact and no per-trade confirmation gate is shown.
transaction.sign(this.config.wallet);
const signature = await this.connection.sendRawTransaction(transaction.serialize(), {
  skipPreflight: true,
  maxRetries: 3
});
Keep live trading disabled until you have reviewed the code, require explicit approval for every trade, set small hard limits, and avoid `skipPreflight` unless you understand the consequences.
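As an added example (not code from the skill or from ClawScan), the following TypeScript shows the kind of per-trade gate the advice above calls for: an allow-list of markets, hard per-trade and daily notional caps, a daily loss stop, a single-use operator approval token, and send options that keep preflight simulation on. Every type and function name here (`TradeIntent`, `GateLimits`, `GateState`, `evaluateTrade`, `recordFill`) is hypothetical; the `SendOptions` fields mirror the `@solana/web3.js` option names so the result can be passed to `sendRawTransaction` unchanged.

```typescript
// Added example, not the skill's code. All names are hypothetical.
export type Side = "buy" | "sell";

export interface TradeIntent {
  market: string;
  side: Side;
  notionalUsd: number;     // dollar size of this single trade
  approvalToken?: string;  // issued out-of-band by the operator, for this trade only
}

export interface GateLimits {
  allowedMarkets: string[];
  maxNotionalPerTradeUsd: number;
  maxDailyNotionalUsd: number;
  maxDailyLossUsd: number;   // halt for the day once realised losses reach this
  requireApproval: boolean;  // true = no trade without a valid single-use token
}

export interface GateState {
  dailyNotionalUsd: number;
  dailyRealizedPnlUsd: number;  // negative when losing
  approvals: string[];          // unused single-use tokens the operator has issued
}

// Same field names as @solana/web3.js SendOptions, declared locally so this
// file runs without the SDK installed.
export interface SendOptions {
  skipPreflight: boolean;
  preflightCommitment: "processed" | "confirmed" | "finalized";
  maxRetries: number;
}

export type GateDecision =
  | { ok: true; sendOptions: SendOptions }
  | { ok: false; reason: string };

// Decide whether a single trade may be signed and sent. Every check is a hard
// limit: the bot cannot talk its way past any of them at runtime.
export function evaluateTrade(intent: TradeIntent, limits: GateLimits, state: GateState): GateDecision {
  if (limits.allowedMarkets.indexOf(intent.market) === -1) {
    return { ok: false, reason: "market " + intent.market + " is not on the allow-list" };
  }
  if (typeof intent.notionalUsd !== "number" || !isFinite(intent.notionalUsd) || intent.notionalUsd <= 0) {
    return { ok: false, reason: "notional must be a positive finite number" };
  }
  if (intent.notionalUsd > limits.maxNotionalPerTradeUsd) {
    return { ok: false, reason: "notional exceeds the per-trade cap of " + limits.maxNotionalPerTradeUsd };
  }
  if (state.dailyNotionalUsd + intent.notionalUsd > limits.maxDailyNotionalUsd) {
    return { ok: false, reason: "daily notional cap would be exceeded" };
  }
  if (-state.dailyRealizedPnlUsd >= limits.maxDailyLossUsd) {
    return { ok: false, reason: "daily loss limit reached; trading halted" };
  }
  const approved = intent.approvalToken !== undefined && state.approvals.indexOf(intent.approvalToken) !== -1;
  if (limits.requireApproval && !approved) {
    return { ok: false, reason: "no valid approval token for this trade" };
  }
  // Preflight stays ON: the RPC node simulates first, so a transaction that
  // would fail is rejected before broadcast instead of failing on-chain.
  return { ok: true, sendOptions: { skipPreflight: false, preflightCommitment: "confirmed", maxRetries: 3 } };
}

// Call after a successful send: burn the approval token so it cannot be
// reused, and count the notional against the daily cap.
export function recordFill(intent: TradeIntent, state: GateState): void {
  if (intent.approvalToken !== undefined) {
    const idx = state.approvals.indexOf(intent.approvalToken);
    if (idx !== -1) state.approvals.splice(idx, 1);
  }
  state.dailyNotionalUsd += intent.notionalUsd;
}
```

The engine would call `evaluateTrade` immediately before `transaction.sign(...)`, pass the returned `sendOptions` to `sendRawTransaction`, and call `recordFill` only after the signature is confirmed; the approval list is populated by a human step (for example a CLI prompt or a signed message), never by the bot itself.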
A failed trade sequence could leave you with unintended market exposure and potential losses.
The code acknowledges that one leg of an arbitrage can succeed while the second leg fails, leaving an unhedged position that may require manual cleanup.
// TODO: Handle partial execution - may need to manually close position
logger.error('CRITICAL: Sell failed after buy succeeded!');
Do not run live multi-leg trading until partial-execution handling, rollback/hedging behavior, and position limits are fully implemented and tested.
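As an added example, not code from the skill, the following TypeScript sketches the partial-execution handling the TODO above leaves open: if the second leg fails after the first has filled, it immediately tries to flatten the first leg, and if that also fails it records the unhedged exposure so an operator can close it and so the position limit refuses new pairs. The leg executor is injected and synchronous so the logic runs offline; all names (`Leg`, `LegExecutor`, `PositionBook`, `executeHedgedPair`, `scriptedExecutor`) are hypothetical.

```typescript
// Added example, not the skill's code. All names are hypothetical.
export type Side = "buy" | "sell";
export type LegResult = "filled" | "failed";

export interface Leg {
  venue: string;
  side: Side;
  size: number;
}

// A real executor is an async call into the exchange SDK; a synchronous
// signature keeps this example runnable without a network or a wallet.
export type LegExecutor = (leg: Leg) => LegResult;

export interface PositionBook {
  openExposure: Leg | null;  // an unhedged fill awaiting manual cleanup
}

export interface PairOutcome {
  status: "aborted" | "completed" | "unwound" | "exposed";
  log: string[];
}

function opposite(leg: Leg): Leg {
  return { ...leg, side: leg.side === "buy" ? "sell" : "buy" };
}

// Execute a two-leg hedge. Only "completed" leaves a hedged position;
// "unwound" means leg 1 was flattened at market (which may realise a small
// loss from slippage); "exposed" means the operator must intervene.
export function executeHedgedPair(
  first: Leg,
  second: Leg,
  exec: LegExecutor,
  book: PositionBook,
  maxUnwindAttempts: number = 2
): PairOutcome {
  const log: string[] = [];
  // Position limit: never open a new pair while a previous one is unhedged.
  if (book.openExposure !== null) {
    log.push("refusing new pair: unhedged exposure outstanding");
    return { status: "aborted", log };
  }
  if (exec(first) !== "filled") {
    log.push("leg 1 (" + first.side + " " + first.venue + ") failed; nothing to clean up");
    return { status: "aborted", log };
  }
  log.push("leg 1 filled");
  if (exec(second) === "filled") {
    log.push("leg 2 filled; position hedged");
    return { status: "completed", log };
  }
  log.push("leg 2 (" + second.side + " " + second.venue + ") failed after leg 1 filled; unwinding");
  const unwind = opposite(first);
  for (let attempt = 1; attempt <= maxUnwindAttempts; attempt++) {
    if (exec(unwind) === "filled") {
      log.push("unwind succeeded on attempt " + attempt);
      return { status: "unwound", log };
    }
    log.push("unwind attempt " + attempt + " failed");
  }
  // Could not flatten: record the exposure so the operator can close it and
  // so the position limit above blocks further pairs until they do.
  book.openExposure = first;
  log.push("CRITICAL: unhedged exposure recorded; manual cleanup required");
  return { status: "exposed", log };
}

// Constructed test double: replays a scripted sequence of leg results, then
// fails every further call.
export function scriptedExecutor(results: LegResult[]): LegExecutor {
  let i = 0;
  return () => (i < results.length ? results[i++] : "failed");
}
```

In a live engine the `exposed` branch should also page the operator and persist `book` to disk, so a restart of the cron job cannot forget the open position and start trading on top of it.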
Users may trust the bot or strategy more than warranted and enable live automated trading with real funds too quickly.
The wording overstates safety for a strategy that can suffer slippage, liquidation, smart-contract/platform, rate-reversal, and partial-execution risks.
→ Zero price risk (hedged) → Collect funding from both sides!
Treat the return and safety claims as marketing, not guarantees. Require conservative loss scenarios, audited execution logic, and manual monitoring before risking funds.
If you add the cron job, the bot may keep checking and potentially trading while you are not watching.
The cron wrapper loads environment secrets and runs the auto-trader on a schedule. This setup is disclosed, but once installed it can continue operating without interactive review.
source "$HOME/.secrets/.env" ... npx ts-node --transpile-only src/trading/auto-trader.ts >> "$LOG_FILE" 2>&1
Only enable cron after dry-run testing, use a limited wallet, monitor logs, and know how to remove the crontab entry.
Running `npm install` will bring in third-party packages that can affect your local environment.
The skill requires Node dependencies and blockchain SDKs even though the registry/install metadata presents it as having no install spec. A lockfile is present, so this is an under-declaration note rather than evidence of malicious supply-chain behavior.
"dependencies": {
  "axios": "^1.6.0",
  "express": "^4.18.2"
},
"optionalDependencies": {
  "@solana/web3.js": "^1.73.0",
  "@zetamarkets/sdk": "^1.64.0"
}
Review `package.json` and `package-lock.json` before installing, and the publisher should declare the install/dependency requirements in metadata.
