Kraken Pro

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill matches its stated Kraken account-management purpose, but it can perform real financial actions if given powerful Kraken API credentials.

Use this only with a dedicated least-privilege Kraken API key. Start with read-only permissions if you only need portfolio, ledger, or market data; add trading or withdrawal permissions only when necessary. Carefully review every command before allowing --confirm, especially withdrawals and market orders.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A confirmed command can place trades, cancel orders, stake or unstake assets, or withdraw crypto funds.

Why it was flagged

The skill exposes high-impact financial actions such as buying, selling, cancelling orders, staking changes, and withdrawals. The documentation includes confirmation and dry-run guidance, making this purpose-aligned but still important for users to notice.

Skill content

All trading commands require `--confirm`. Use `--validate` for dry-run. ... `withdraw --asset BTC --key NAME --amount N --confirm`

Recommendation

Only approve --confirm after checking the exact asset, pair, amount, price, and withdrawal key. Prefer --validate for trades before placing real orders.

What this means

If the API key has broad permissions, the skill can access private financial account data and perform account-changing actions.

Why it was flagged

The code uses Kraken API credentials to instantiate authenticated account, earn, funding, and trading clients. This is expected for the skill, but it grants sensitive account authority.

Skill content

api_key = os.getenv('KRAKEN_API_KEY') ... self.funding = Funding(key=api_key, secret=api_secret) ... self.trade = Trade(key=api_key, secret=api_secret)

Recommendation

Create a dedicated Kraken API key with only the permissions needed. Do not grant Withdraw Funds unless you intend to use withdrawals or earn functions that require it, and rotate/revoke the key when no longer needed.

What this means

A compromised or vulnerable dependency could affect a sensitive Kraken integration.

Why it was flagged

The setup depends on an external Kraken SDK package. The version is pinned, which reduces ambiguity, but users are still trusting a third-party dependency for financial-account operations.

Skill content

python-kraken-sdk==3.2.7

Recommendation

Install from a trusted package source, keep the dependency reviewed and updated, and avoid using privileged API keys on untrusted machines.