Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Grvt Markets
v1.0.0
Trade on GRVT (Gravity Markets) derivatives exchange via the grvt-cli tool. Use when the user wants to trade crypto derivatives, place or cancel orders, chec...
by Stefano Cantù (@madeinusmate)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The skill (Grvt Markets) and SKILL.md consistently describe a CLI-based trading integration (grvt-cli) and the commands in the reference files match that purpose. However, the registry metadata lists no required binaries or credentials while the README explicitly requires Node.js >= 20 and installation via pnpm and also requires API and private keys for authenticated actions — this metadata omission is an inconsistency (likely sloppy packaging) that reduces transparency.
Instruction Scope
The SKILL.md directs the agent/user to install and run a third‑party CLI that performs authenticated trading operations and EIP‑712 signing. It explicitly instructs manual or interactive setup for entering API keys and private keys and notes that keys are written to ~/.config/grvt/config.toml in plaintext (0600). While the instructions do not attempt to exfiltrate data, they do put the agent/user in a position to provide highly sensitive secrets; the skill text warns about this but does not restrict or provide safer alternatives (e.g., using limited-scope API keys).
Install Mechanism
The skill is instruction‑only and has no platform install spec, but SKILL.md instructs installing @madeinusmate/grvt-cli via pnpm (npm registry). Installing an unvetted community npm package is a moderate risk: npm packages can execute arbitrary code. The SKILL.md includes a clear community‑project disclaimer, but the manifest does not declare installation requirements, which reduces transparency.
Credentials
The manifest declares no required environment variables or primary credential, but the CLI requires an API key and (for write operations) an Ethereum private key, and it stores session cookies and keys in the config file. The absence of any declared credentials in the skill metadata is inconsistent with the documented need for secrets. Additionally, storing private keys in plaintext (even with 0600 permissions) is sensitive and increases risk if the host is compromised.
Persistence & Privilege
The skill is not marked always:true and does not request persistent installation by the registry; it is an instruction‑only skill. It does not declare any elevated platform privileges. Autonomous invocation is allowed (default) but is not combined with other high‑privilege settings.
What to consider before installing
This skill appears to be what it says (a CLI wrapper for GRVT trading) but has several red flags you should consider before installing or using it:
- The SKILL.md requires Node.js >=20 and installation via pnpm of @madeinusmate/grvt-cli, but the skill metadata omits required binaries and credentials — treat that as a transparency issue.
- The package is a community project (not audited). Installing an unvetted npm package can run arbitrary code; prefer reviewing the package source before installing and run it in an isolated environment (container or throwaway VM).
- The CLI requires an API key and for write actions an Ethereum private key; it warns that it stores secrets in plaintext at ~/.config/grvt/config.toml (0600). Avoid handing your private key to an agent; prefer using a limited-scope API key or testnet credentials for experimentation.
- The SKILL.md acknowledges the risk and asks for explicit user acknowledgment before use — enforce that. If you must use it, use testnet, rotate keys afterwards, and consider using read‑only credentials or a hardware wallet/signing service rather than placing private keys on disk.
If you want to proceed safely, request the skill owner/source code and perform a code review (or have one performed), or run the CLI in an isolated environment and never supply mainnet private keys to an agent or unknown package.

Like a lobster shell, security has layers: review code before you run it.
