Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Weex
v1.0.1. Automated trading tool for WEEX API, supporting futures and spot trading, including natural language order placement, order cancellation, order query, market...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
Medium confidence
Purpose & Capability
Name and description match the included files: the repo contains spot and contract API wrappers, local endpoint definitions, signing docs, and helper scripts — all expected for a WEEX trading skill. However, the registry metadata claims no required environment variables or primary credential, while the SKILL.md and code clearly expect WEEX_API_KEY, WEEX_API_SECRET, WEEX_API_PASSPHRASE (and optional WEEX_API_BASE/WEEX_LOCALE). That mismatch is an inconsistency in the packaging metadata.
Instruction Scope
SKILL.md gives concrete commands to run the included Python scripts and documents that private endpoints require env vars. It does not instruct reading arbitrary host files or unrelated credentials. Two concerns: (1) SKILL.md says 'Default flow is direct live execution (no dry-run step)' while also requiring '--confirm-live' for mutating requests — this is ambiguous and could lead to accidental live trades if the agent omits the flag; (2) the agent is expected to translate natural language into CLI flags (the agent layer does this), which gives broad discretion to the agent to craft mutating commands. Both are relevant operational risks for a trading skill but are within the domain of the stated purpose.
Install Mechanism
No install spec; the skill is instruction-only plus Python scripts present. That means nothing is auto-downloaded at install time. The included scripts are local and self-contained; no external arbitrary binary downloads were observed in the manifest.
Credentials
The scripts legitimately require API credentials (KEY, SECRET, PASSPHRASE) and optionally base URL/timeout/locale — those are proportionate for a trading integration. The problem is metadata: the registry lists no required env vars or primary credential, while SKILL.md and references clearly require and read env vars. This inconsistency can mislead users or automated gate checks that rely on declared requirements. Also, the skill requests full trading capability (place/cancel orders, adjust margin), so you should use least-privilege keys (no withdrawal permission).
Persistence & Privilege
The always flag is false, and there is no install behavior that modifies other skills or system configuration. The skill does not request permanent platform-level privileges. It runs Python scripts when invoked, which is expected for this kind of skill.
What to consider before installing
This skill appears to be a real WEEX trading client (spot + futures) implemented as local Python scripts. Before installing or providing real API credentials:
- Treat the registry metadata mismatch as a red flag: SKILL.md and the scripts require WEEX_API_KEY / WEEX_API_SECRET / WEEX_API_PASSPHRASE even though the registry lists none. Don’t rely solely on the registry declarations.
- Do not provide your main account keys. Create a least-privilege API key for testing (disable withdrawals; limit permissions to read and trading only if needed).
- Inspect the scripts yourself (they are included) to confirm there are no hardcoded exfiltration endpoints and no logging of secrets. The provided files appear to call the weex.com API and fetch docs from weex.com, which is expected for this skill.
- Test in dry-run / sandbox first: manually run the scripts locally with test keys or in a sandbox account to verify behavior. The SKILL.md expects the agent to include --confirm-live for mutating actions; be explicit in prompts and review generated CLI before execution.
- Because the agent is responsible for mapping natural language to CLI flags, prefer explicit structured prompts (e.g., specify exact --confirm-live or --no-execute) and review any generated command before it runs.
- If you plan to use this in an automated/agent setting, require an explicit confirmation step for any live trade, rotate keys if exposed, and consider running the skill in an isolated environment.
If you want a cleaner integration: ask the skill author to update the registry metadata to declare the required env vars and set a primary credential, and to clarify the default/dry-run behavior to avoid ambiguity around live execution.
