Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Edge.Trade
vv4387.0.0Use when user asks about crypto tokens, trading, portfolios, or price alerts.
⭐ 0· 1.2k·4 current·4 all-time
by@lexomis
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (crypto tokens, trading, orders, portfolios) aligns with the declared MCP tools and actions (tokens, pairs, orders, wallet). Requiring an API key (in skill.yaml) is expected for a trading API. However, the registry metadata reported earlier said “Required env vars: none” while skill.yaml declares a required secret API_KEY — this mismatch is an incoherence to resolve before trusting the skill.
Instruction Scope
SKILL.md lists actions that include placing orders and 'encrypted wallet management' (non-custodial flow) and mentions delivering alerts to webhooks/Redis/Telegram. The instructions do not explicitly tell the agent to read arbitrary local files, but they also do not explain how wallet secrets/keys are provided or stored. A skill that can place trades and manage wallets should clearly document whether it will prompt for private keys, use the API_KEY only, or store any secrets — the lack of that detail is a scope risk.
Install Mechanism
skill.yaml uses an MCP server command that runs `npx -y @edgedottrade/edge --api-key ${API_KEY}`. npx will fetch and execute code from the npm registry at runtime (auto-installing the package). While a repository URL is listed (GitHub), executing whatever the package publishes (especially with `-y` to auto-run) is higher risk than an instruction-only skill or a pinned, pre-reviewed binary. This is a moderate-to-high install risk until the npm package and GitHub repo are audited or a pinned release is used.
Credentials
skill.yaml requires a single secret: API_KEY (Edge Trade API key), which is reasonable for the stated functionality. The problem is the earlier metadata claimed no required env vars — that inconsistency is suspicious. Also, SKILL.md references wallet management but does not declare how wallet private keys are handled (not listed in config). The agent may prompt for sensitive secrets at runtime; users should not supply private keys or high-privilege API keys without understanding storage and scope.
Persistence & Privilege
always is false and the skill does not request system-wide configuration changes. It does request MCP spawn and network outbound permissions (expected for a networked trading tool). Autonomous invocation is allowed by default — this is normal, but it increases impact because the skill can place orders if given credentials. No 'always:true' or other elevated persistent privileges were requested.
What to consider before installing
This skill appears to be a legitimate crypto trading integration, but proceed cautiously. Do not install or provide credentials until you verify the npm package and GitHub repository (@edgedottrade/edge) and confirm which secrets will be used and how they're stored. Prefer a read-only or limited-permission API key (no withdrawal or transfer rights). Avoid pasting private wallet keys into the agent; ask the maintainer how non-custodial wallet management is implemented and whether secrets are ever sent to external endpoints. If you decide to use it, request a pinned package version (not an unpinned `npx -y`), audit the package code or repository, and restrict the API key scope and lifetime. Resolve the metadata inconsistency (registry says no env vars but skill.yaml requires API_KEY) before trusting the skill.Like a lobster shell, security has layers — review code before you run it.
latestvk9703csxm2e8mwsm43qmk1ez19851b7q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.