Bitget Data
Audited by ClawScan on May 18, 2026.
Overview
This skill is a real-money Bitget trading automation package with embedded or exposed credentials, autonomous cron-based trading behavior, and unsafe API/security handling that require careful review before use.
Do not install this skill as-is for a live account. If you still want to use it, first remove all embedded credentials, revoke any exposed Bitget keys, audit every trading script, restore TLS verification, disable cron jobs by default, and use a new low-permission, no-withdrawal, IP-restricted API key with very small funds and manual approval for all live trades.
Findings (9)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone with access to the package may be able to use or attempt to use the exposed Bitget account credentials; if these are real, funds could be traded without the owner’s consent.
The package documentation contains what look like real Bitget API credentials and indicates live trading mode, exposing trade-enabled account access in the distributed artifact.
"apiKey": "bg_73063...", "secretKey": "ecdc70...", "passphrase": "Lin12345", "isSimulation": false
Do not use the embedded credentials. Revoke any exposed Bitget API key immediately, create a fresh key with no withdrawal permission, restrict it by IP, and confirm the code uses only your intended credential file.
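A pre-install check for this finding, added here as an example rather than code from the skill or from ClawScan: it scans package text for credential fields whose values do not look like placeholders, flags live mode, and loads real credentials only from the environment (the BITGET_* variable names and the sample strings are constructed assumptions).

```javascript
// Added example: detect embedded, real-looking Bitget credentials in package
// text, and load the real ones from the environment instead of a file in
// the package. Patterns and sample inputs are constructed for illustration.
const PLACEHOLDER_RE = /your_|xxx|example|placeholder|<[^>]*>/i;
// Matches "apiKey": "...", "secretKey": "...", "passphrase": "..." pairs.
const FIELD_RE = /"(apiKey|secretKey|passphrase)"\s*:\s*"([^"]*)"/g;
const LIVE_RE = /"isSimulation"\s*:\s*false/;

function looksReal(field, value) {
  if (!value || PLACEHOLDER_RE.test(value)) return false;
  // Bitget keys in the audited artifact start with "bg_" followed by hex.
  if (field === 'apiKey') return /^bg_[0-9a-f]{4,}/i.test(value);
  return value.length >= 6;
}

// Returns one finding per real-looking field plus one if live mode is set.
function findEmbeddedCredentials(text) {
  const findings = [];
  for (const m of text.matchAll(FIELD_RE)) {
    const [, field, value] = m;
    if (looksReal(field, value)) {
      // Never echo the secret; keep a 4-character prefix for triage only.
      findings.push({ field, preview: value.slice(0, 4) + '...' });
    }
  }
  if (LIVE_RE.test(text)) findings.push({ field: 'isSimulation', preview: 'false' });
  return findings;
}

// Load credentials from the environment only; live trading needs an explicit
// opt-in (BITGET_LIVE=1), otherwise the client stays in simulation mode.
function loadCredentials(env) {
  const creds = {
    apiKey: env.BITGET_API_KEY,
    secretKey: env.BITGET_SECRET_KEY,
    passphrase: env.BITGET_PASSPHRASE,
  };
  for (const [k, v] of Object.entries(creds)) if (!v) throw new Error(`missing ${k}`);
  return { ...creds, isSimulation: env.BITGET_LIVE !== '1' };
}

// Constructed samples in the shape quoted by the audit (values are made up).
const SAMPLE_REAL = '"apiKey": "bg_0123deadbeef", "secretKey": "ecdc70ff11aa00", ' +
  '"passphrase": "Pass12345", "isSimulation": false';
const SAMPLE_TEMPLATE = '"apiKey": "bg_your_api_key", "secretKey": "your_secret_key", ' +
  '"passphrase": "your_passphrase", "isSimulation": true';
```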
Installing or invoking the skill can give the agent authority to place and cancel real trades on a Bitget spot account.
The skill asks for a live Bitget API key with trading permission, while the registry metadata declares no primary credential or required environment variables.
"apiKey": "bg_your_api_key", "secretKey": "your_secret_key", "passphrase": "your_passphrase", "isSimulation": false ... Permissions: Spot Read + Spot Trade
Use a dedicated low-balance API key, disable withdrawals, enable IP allowlisting, start in simulation or read-only mode where possible, and require explicit approval for live trading actions.
A mistaken or autonomous invocation could place orders, cancel protective orders, rebalance holdings, or otherwise change the user’s financial position.
The skill exposes direct commands for high-impact account mutations, including starting automated strategies and canceling all orders.
Start Grid Trading ... node .../start-simple.js ... Cancel All Orders ... node .../cancel-all.js
Require confirmation before any order placement, cancellation, market buy/sell, rebalance, or grid redeploy; keep position limits small and verify every script target before running it.
The trading system may continue operating after the initial setup, repeatedly checking and adjusting strategies without the user being present.
The artifacts describe recurring cron-based monitoring and automatic grid adjustment, creating persistent autonomous trading behavior.
Cron scheduled task ... every 30 minutes ... automatically adjust the grid (if needed)
Review and disable any OpenClaw cron entries unless you explicitly want continuous trading; set clear stop conditions, alerting, and manual approval for strategy changes.
Authenticated exchange traffic could be intercepted or tampered with on an unsafe network, potentially exposing account data or altering trading requests.
Static scan evidence shows HTTPS certificate verification disabled in a script that communicates with the Bitget API.
rejectUnauthorized: false
Do not run the scripts until TLS verification is restored; remove `rejectUnauthorized: false` from all API clients.
If script paths or arguments are not tightly controlled, command execution could run unintended local actions.
Static scan evidence shows shell-based execution used to run local Node scripts; this is plausible for a CLI wrapper but should be reviewed because it dispatches trading scripts.
execSync(`node "${scriptPath}" ${arg}`, {
Prefer fixed allowlisted script dispatch without shell interpolation, and confirm which script will run before invoking quick-start or CLI helpers.
Trading status, errors, or other account-related information may be sent to a chat service or recipient the user has not verified.
The multi-agent configuration describes external Feishu notifications for trading-system alerts, but the registry does not declare this data flow or its boundaries.
"notifications": { "feishu": { "enabled": true, "chatId": "oc_xxx", "alerts": ["frequency_exceeded", "api_error"] } }
Disable external notifications until you confirm the recipient, content, and webhook configuration; never send API secrets or full account details in alerts.
Future agent sessions or anyone with workspace access may see balances, order details, strategy settings, and trading history.
The skill stores detailed trading/account status reports in workspace files, which is useful for monitoring but sensitive if reused across tasks or shared.
Account funds ... USDT ... BTC ... SOL ... ETH ... Total ... ~948 USDT
Keep the workspace private, remove old reports before sharing the skill, and avoid storing API secrets or full account details in markdown logs.
A user may over-trust the automation or underestimate the risk of loss from live crypto trading.
Some reports use highly optimistic return framing and encourage continued autonomous operation despite the financial risk.
Considerable returns - 1-2% daily, 365%-730% annualized ... risk is controllable ... let the strategy run, do not over-intervene
Treat performance claims as unverified; set conservative budgets, stop-losses, and manual review checkpoints before allowing autonomous trading.
