ClawHub

EntradeX

v0.1.16

Use the EntradeX CLI for DNSE workflows. Use when (1) setting DNSE API credentials via env vars or config file, (2) reading account, market, and order data,...

2· 475·0 current·0 all-time
byHieu Tran@hieuhani
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (EntradeX CLI for DNSE trading) align with required binaries (entradex), required env vars (DNSE_API_KEY, DNSE_API_SECRET), and declared install (npm entradex-cli). All requested items are reasonable for a trading CLI.
Instruction Scope
SKILL.md describes only installing/using the CLI, configuring credentials (config file or env), and running account/market/trade commands. It does not instruct reading unrelated system files or exfiltrating data. It explicitly warns that the CLI can place real trades.
Install Mechanism
Install is an npm package (entradex-cli) that provides the entradex binary — this matches the declared requirement. npm packages can execute arbitrary code during install/runtime, so verifying package source (as the SKILL.md suggests) is sensible; the install method itself is proportionate to the skill's purpose.
Credentials
Only DNSE_API_KEY and DNSE_API_SECRET are required and DNSE_API_KEY is declared as primaryEnv. These credentials are expected for a trading CLI. No unrelated secrets or many disparate credentials are requested.
Persistence & Privilege
always:false (no forced presence). The skill can be invoked autonomously (platform default) but that is not by itself a concern; the SKILL.md warns about real trades and suggests mitigations.
Assessment
This skill appears coherent for a trading CLI: it needs the entradex binary (npm package) and your DNSE API key/secret. Before installing or granting credentials: (1) inspect the npm package and repository (SKILL.md suggests doing so), (2) consider using a limited-permission trading account or API key for autonomous runs, (3) avoid storing long-lived master keys in shared environments, and (4) rotate keys if suspicious activity occurs. NPM packages can run code on install and at runtime — verify the package author/repo before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk976zdev5s206fvcsyaq4npr3981v4p0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsentradex
EnvDNSE_API_KEY, DNSE_API_SECRET
Primary envDNSE_API_KEY

Install

Install EntradeX CLI (npm)
Bins: entradex
npm i -g entradex-cli

Comments