AI News BNB Trader
v0.1.0 · TypeScript (Node.js 20+) AI news-driven BNB strategy trading bot for BSC. Use when user wants event/news sentiment signals, strict risk controls, and automat...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill claims to be a TypeScript/node BNB trading bot — the source code matches that purpose (news fetcher, signal models, risk gates, DEX integration). However the published metadata / registry entries say 'Required env vars: none' and 'No install spec / instruction-only' while the bundle contains full source and expects sensitive env vars (EVM_PRIVATE_KEY or ENCRYPTED_KEY_PATH + KEY_PASSPHRASE, OPENAI_API_KEY, ONEINCH_API_KEY, RPC URLs, NEWS_API_URL). That metadata omission is an incoherence (sensitive credentials are required for the claimed functionality).
Instruction Scope
SKILL.md and the CLI commands match the code's runtime behavior (start/status/panic/revoke-approvals, key encryption). The instructions request news endpoints, RPCs, and key material which the code consumes. The runtime instructions do not appear to request unrelated system data, but they do direct the agent to perform network calls and on-chain transactions (swap, revoke approvals) when not in dry-run.
Install Mechanism
There is no explicit install spec in the registry (instruction-only), but the package includes package.json and package-lock.json so npm install is required. Dependencies are standard (dotenv, ethers, dev tooling). No remote arbitrary downloads or obscure install URLs are present; risk here is typical for an npm package.
Credentials
The code requires highly sensitive secrets to operate: an EVM private key (or encrypted key + passphrase), RPC URLs (PRIVATE_RPC_URL or RPC_URL), and optional API keys (OPENAI_API_KEY, ONEINCH_API_KEY). Those credentials are proportionate to a trading bot, but the registry metadata does not declare them. Also, the logger redacts only some env vars (EVM_PRIVATE_KEY, OPENAI_API_KEY, ONEINCH_API_KEY) but not KEY_PASSPHRASE or RPC auth tokens — potential leakage points. The skill should have declared required env vars in metadata and documented minimal-permission recommendations.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and only writes to its own state directory (state-data) and to an encrypted key file if the CLI is used. It will persist its bot-state and optionally an encrypted key file; it will also send transactions that can move funds. Autonomous invocation (default) is present but expected for a skill of this type.
What to consider before installing
This repository contains a real trading bot that will perform on-chain swaps and can revoke approvals — it legitimately needs a wallet private key (or an encrypted key + passphrase), RPC endpoints, and optional API keys (OpenAI, 1inch). The registry metadata omits these required env vars, which is a red flag: before running, review the code locally, and follow these precautions:
- Do not supply your main/large-balance wallet private key. Use a fresh wallet with minimal funds for testing.
- Keep DRY_RUN=true while evaluating; verify behavior in dry-run mode and inspect logs and saved state-data before enabling real trades.
- Inspect NEWS_API_URL and NEWS_WS_URL sources to ensure they are trusted (the bot executes trades based on that feed).
- If using the encrypt CLI, the code uses AES-256-GCM + scrypt; verify encryption/decryption locally and ensure KEY_PASSPHRASE is handled securely. Note the logger redacts some envs but not KEY_PASSPHRASE or RPC secrets — avoid putting passphrases into logs or shared environments.
- Audit and limit RPC and DEX API credentials; prefer a private RPC provider and restrict API keys to minimal scopes where possible.
- Consider running in an isolated environment (container, VM) and reviewing the package.json dependencies with npm audit before install.
Because the metadata is inconsistent and this code can move funds, treat this as suspicious until you perform the above checks and validate all configuration and endpoints.
