Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

dexter

v1.0.0

Autonomous financial research agent for stock analysis, financial statements, metrics, prices, SEC filings, and crypto data.

0 · 2.7k · 13 current · 13 all-time
MIT-0
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's stated purpose (stock and crypto research) is consistent with needing access to market-data and LLM providers. However, the registry metadata declares no required environment variables or credentials, while SKILL.md requires multiple API keys (Anthropic, FinancialDatasets, Tavily). That mismatch is unexplained and undermines the metadata as a basis for review. The instructions also hardcode cloning a repository from a GitHub account (virattt) that the registry does not verify; this is a plausible way to ship the implementation, but it moves the trust decision onto an unvetted third-party repo.
Instruction Scope
SKILL.md instructs the agent or operator to git clone an external repository, run bun install (installing its dependencies), create a .env file holding multiple API keys, patch source files with sed, write config and helper scripts, and run tmux sessions. Taken together these steps download and modify code and place secrets on disk. The instructions go well beyond read-only querying and give the agent broad discretion to execute whatever the cloned repository contains.
Install Mechanism
There is no formal install spec. Instead, SKILL.md tells you to clone https://github.com/virattt/dexter.git and run bun install. Downloading and executing dependencies from an unvetted GitHub repository and running its JavaScript toolchain is a moderate-to-high-risk install pattern: external code is written to disk and executed, and any install-time lifecycle scripts in package.json run before you have read them. GitHub is a known host, but the author account is not verified and the repository pulls in whatever dependencies its package.json names.
Credentials
The registry lists no required environment variables, but the instructions call for three API keys (ANTHROPIC_API_KEY and FINANCIAL_DATASETS_API_KEY required, TAVILY_API_KEY optional) and direct you to create a .env file holding them. Requesting LLM and market-data keys is reasonable for the stated purpose, but their absence from the registry metadata is an inconsistency. The instructions also store the keys in plaintext under the skill workspace, which is risky unless that workspace is isolated.
Persistence & Privilege
The skill does not request always:true and declares no system-wide changes beyond its own workspace. It does, however, instruct creating files under /root/clawd-workspace/dexter (a path under the root user's home, which suggests the workspace runs as root) and patching repository source files with sed. Running the code also grants autonomous network access to external APIs, which is normal for this use case. Treat this as an ordinary but significant persistence and network privilege that should be confined to an isolated environment.
What to consider before installing
Before installing:
1. Inspect the GitHub repo (https://github.com/virattt/dexter) manually. Review package.json (dependencies and any install-time scripts), the src code, its network calls, and the sed change to tool-executor.ts. Do not run bun install blindly.
2. Do not store high-privilege or reused API keys in plaintext in the .env on a host you care about; prefer scoped or test keys.
3. Run the install and the skill in an isolated, non-root environment (container or VM) and restrict network access if possible.
4. Confirm why the registry metadata omitted the required env vars; ask the publisher for provenance and a checksummed release if you need to trust it.
5. If you cannot audit the code, do not grant production LLM or financial-data keys; use audited or vendor-hosted integrations instead.
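The manual checks above (install-time scripts in package.json, API keys the registry never declared, outbound network calls in the source) can be scripted and run against the cloned tree before anything is executed. The following is an added example written for this page, not code from ClawHub or the dexter project. The package.json, SKILL.md and source excerpts are constructed stand-ins for what you would read out of the repository, and the registry's declared-variable set is empty because the metadata on this page declares none; it covers the Install Mechanism and Credentials findings as well as step 1 of the checklist.

```python
"""Offline pre-install audit for a skill shipped as a git repo plus SKILL.md.

Added example for this page, not ClawHub or dexter code. The inputs below are
constructed stand-ins for files you would read out of the cloned repository.
"""
import json
import re

# Lifecycle hooks that npm-compatible package managers (bun included) execute
# during `install`; any of these means code runs before you have read it.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare", "prepublish")

# KEY=value lines in a .env excerpt, and process.env.KEY references in source.
ENV_ASSIGN = re.compile(r"\b([A-Z][A-Z0-9_]{2,})\s*=")
PROCESS_ENV = re.compile(r"process\.env\.([A-Z][A-Z0-9_]{2,})")

# Outbound call sites worth reading by hand: fetch(), WebSockets, raw URLs.
NET_CALL = re.compile(r"(fetch\(|new WebSocket\(|https?://[^\s'\")]+)")


def install_time_scripts(package_json: str) -> dict:
    """Return the scripts that would execute during `bun install`."""
    scripts = json.loads(package_json).get("scripts", {})
    return {name: cmd for name, cmd in scripts.items() if name in INSTALL_HOOKS}


def env_keys_in_text(text: str) -> set:
    """Every environment variable the instructions or code appear to use."""
    return set(ENV_ASSIGN.findall(text)) | set(PROCESS_ENV.findall(text))


def undeclared_keys(skill_md: str, source: str, declared: set) -> set:
    """Keys required by SKILL.md or source but absent from registry metadata."""
    return env_keys_in_text(skill_md + "\n" + source) - set(declared)


def network_call_sites(source: str) -> list:
    """Literal call sites to review manually; not blocked, since a market-data
    skill legitimately talks to external APIs."""
    return [m.group(0) for m in NET_CALL.finditer(source)]


def audit(package_json: str, skill_md: str, source: str, declared: set) -> dict:
    report = {
        "install_scripts": install_time_scripts(package_json),
        "undeclared_keys": sorted(undeclared_keys(skill_md, source, declared)),
        "network_calls": network_call_sites(source),
    }
    # Refuse to proceed when code would run at install time or when secrets are
    # demanded that the registry never declared; network calls are listed only.
    report["block_install"] = bool(report["install_scripts"]) or bool(report["undeclared_keys"])
    return report


# --- constructed sample inputs (hypothetical; not the real dexter files) ---
SAMPLE_PACKAGE_JSON = """{
  "name": "example-skill",
  "scripts": {
    "build": "bun build src/index.ts",
    "postinstall": "node scripts/setup.js"
  },
  "dependencies": {"some-lib": "^1.0.0"}
}"""

SAMPLE_SKILL_MD = """Create a .env file in the workspace:
ANTHROPIC_API_KEY=sk-ant-...
FINANCIAL_DATASETS_API_KEY=...
TAVILY_API_KEY=...        # optional
"""

SAMPLE_SOURCE = """const key = process.env.ANTHROPIC_API_KEY;
const res = await fetch("https://api.example.invalid/v1/prices");
"""

# The registry metadata on this page declares no env vars at all.
REGISTRY_DECLARED_ENV: set = set()

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_PACKAGE_JSON, SAMPLE_SKILL_MD, SAMPLE_SOURCE,
                           REGISTRY_DECLARED_ENV), indent=2))
```

Run this against the cloned tree inside the throwaway container from step 3, before bun install. On the sample inputs it blocks: there is a postinstall hook and three keys the registry never declared, which is exactly the inconsistency the scan reports. If the real tree passes, install with lifecycle scripts disabled (bun install --ignore-scripts) and only re-enable them once you have read what they do; the listed network call sites are the places to confirm that keys go to the providers the skill claims and nowhere else.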

Like a lobster shell, security has layers — review code before you run it.

latest · vk97bh1d8vnfrevmf6asahc65v57z19j5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

📊 Clawdis
OS: macOS · Linux
Bins: bun, git
