Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Xxyy Trade
v1.3.0
This skill should be used when the user asks to "buy token", "sell token", "swap token", "trade crypto", "check trade status", "query transaction", "scan tok...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with required artifacts: the skill calls the XXYY Open API and declares curl and XXYY_API_KEY. Requesting a single XXYY_API_KEY and curl is coherent for an API-wrapping trading skill.
Instruction Scope
SKILL.md instructions are narrowly scoped to the documented XXYY endpoints and describe buy/sell/query/feed/ping operations. The instructions warn the API key can execute real trades and recommend IP whitelisting. The skill does not instruct reading unrelated files or other environment variables.
Install Mechanism
No install spec and no code files — instruction-only. This is low risk because nothing is downloaded or written to disk by the skill itself.
Credentials
Only XXYY_API_KEY is required which is appropriate for the API, but the documentation explicitly states there is no read‑only key: the same key can execute real on‑chain trades. That makes the single required credential highly privileged — loss of the key = loss of funds. This is expected for a custodial trading integration but is high risk and should be treated accordingly.
Persistence & Privilege
Registry metadata and the included SKILL.md conflict: the registry summary shows model-invocation defaults (disabled-model-invocation: false by default) while the embedded skills/xxyy-trade/SKILL.md sets disabled-model-invocation: true and lists allowed-tools (Bash, Read, AskUserQuestion). The duplicate SKILL.md files and mismatch of invocation settings are incoherent and could affect whether the agent can call the skill autonomously.
What to consider before installing
This skill appears to be what it says (an XXYY API wrapper) but exercise caution: the XXYY API key grants the ability to execute real trades and there is no read-only key. Before installing, verify the publisher and homepage (https://www.xxyy.io), confirm which SKILL.md / metadata will be used (there are two conflicting SKILL.md files), and decide whether you want an agent to be able to invoke the skill autonomously. Use a dedicated API key with minimal funds, enable IP whitelisting on the XXYY side, avoid storing the key in version control, and test with tiny transactions first. If you need clarity, ask the publisher which SKILL.md is authoritative and whether autonomous invocation is intended.
Like a lobster shell, security has layers — review code before you run it.
latest vk97e6rpvzqr6858g0ctptqpg2d841x7s
Runtime requirements
💹 Clawdis
Bins: curl
Env: XXYY_API_KEY
Primary env: XXYY_API_KEY
