Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OKX Exchange
v1.0.1
OKX quantitative trading agent. Supports spot, USDT-M perpetual swap, and coin-M futures. Strategies: grid trading, trend following (MA/RSI/MACD), spot-futur...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's declared registry metadata lists no required environment variables or binaries, yet the SKILL.md and README instruct the user to add OKX_API_KEY / OKX_SECRET_KEY / OKX_PASSPHRASE (and LIVE variants) into ~/.openclaw/workspace/.env and to run Python scripts. The cron helper requires an 'openclaw' CLI to be present but that binary is not declared. The absence of declared credentials and required CLI/tools in metadata is an incoherence: a trading skill legitimately needs API keys and a runtime, so those should be declared.
Instruction Scope
Runtime instructions explicitly tell the agent/user to source ~/.openclaw/workspace/.env (loading API keys) every session and to run scripts that will read/write memory files and execute trades. The cron_setup.sh creates scheduled jobs whose messages instruct the cron agent to 'source ~/.openclaw/workspace/.env' and to execute snapshot and monitor commands and 'send the raw output' — meaning account snapshots and monitor outputs (which include balances/positions) will be periodically produced and emitted by the agent. The instructions allow skipping confirmations and switching to live mode with separate live env vars, so misconfiguration could lead to autonomous live trading. These behaviors are within the stated trading purpose, but they broaden what gets read/transmitted (sensitive account data) and grant the skill the ability to schedule recurring automated actions — all of which should be explicit in metadata and reviewed by the user.
Install Mechanism
No formal install spec is declared (instruction-only install), but the bundle contains many Python scripts and a requirements.txt recommending 'pip install -r requirements.txt'. There are no downloads from untrusted URLs or extracted archives. The lack of an automated install step means the user must run pip/setup manually; that's acceptable but should be made explicit in registry metadata. No direct evidence of malicious install sources.
Credentials
The skill requires sensitive OKX API credentials to function (demo and live keys), but the registry's required env vars list is empty — a mismatch that can mislead users and automated permission systems. The code persists state and journals under ~/.openclaw/workspace/memory and instructs to store keys in ~/.openclaw/workspace/.env; storing credentials in a workspace file is convenient but increases risk if that file is not properly protected. Multiple env names (demo vs LIVE) are justified by live/paper modes, but the omission from metadata is a meaningful coherence problem.
Persistence & Privilege
always:false (good). However, cron_setup.sh programmatically registers periodic jobs via 'openclaw cron add' that will run the skill's monitoring and snapshot commands and instruct the cron agent to 'send' outputs. That creates persistent automation (periodic account snapshots and scans) and will run with sourced env keys. This is expected for a trading bot but increases the skill's ongoing footprint and potential blast radius if keys are compromised or misconfigured. The skill does not request to modify other skills' configs.
What to consider before installing
This skill appears to be a real OKX trading bot, but there are mismatches you should resolve before installing:
- It needs OKX API keys (demo and optional live keys) and expects you to store them in ~/.openclaw/workspace/.env, yet the registry metadata did not declare any required env vars. Treat this as a red flag: only provide demo keys initially (OKX_SIMULATED=1) and do not add live keys until you audit the code.
- The cron setup uses an 'openclaw' CLI to register recurring jobs that will source your .env and execute monitor/snapshot commands and forward the raw output. Understand and accept that these jobs will periodically run and publish account/position information via your agent channels. If you don't want recurring automation, do not run cron_setup.sh or run 'teardown' after setup.
- Review the code (okx_client.py, execute.py, monitor.py) yourself or run it in a sandboxed/test environment with paper keys. Verify that printing/logging does not leak secrets and that 'require_confirm' and 'auto_trade' prefs are set to safe defaults. Keep OKX_SIMULATED=1 during testing.
- Ensure the workspace .env file is protected (file permissions) and consider using platform-managed secrets instead of plaintext .env. Confirm presence of the 'openclaw' CLI and Python runtime before running cron scripts.
If you want to proceed: run tests and do an initial dry run with OKX_SIMULATED=1 and inspect outputs carefully. If you don't have the expertise to audit the code, treat this skill as high-risk and avoid providing live API keys.
Version: latest (vk975zwanmkffcetdw3pbzve3bh82153q)