Hyperliquid

The OpenClaw skill bundle for Hyperliquid is benign. It is explicitly stated as 'read-only' and interacts solely with the public Hyperliquid Info API (`https://api.hyperliquid.xyz/info`). Local configuration, such as account aliases, is stored transparently in `~/.clawdbot/hyperliquid/config.json`. There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts against the agent beyond legitimate instructions for parsing user input and formatting responses, as seen in `SKILL.md` and `scripts/hyperliquid_chat.mjs`.