Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Envy Trading System
v1.0.2
Use when the user asks about crypto indicators, trading signals, backtesting strategies, portfolio optimization, market analysis, starting/stopping the tradi...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
Name/description align with the code and declared requirements: it is a Node.js-based trading/monitoring stack (envy.js, monitor.js, controller.js). The declared primaryEnv NVARENA_API_KEY and required binary node are coherent with the described subscription/key flow and CLI usage. The included dependencies (ethers, ws, yaml) match the functionality (blockchain signing, websockets, YAML parsing).
Instruction Scope
SKILL.md/README and CLI commands instruct the agent/user to run npm install and many node CLI commands. The README explicitly warns not to run 'node envy.js wallet' in chat, but the code will automatically create/load wallet.json and use it for on-chain micropayments (callWithX402) when no API key is set. That means normal operations (e.g., the agent calling paid endpoints without an API key) can trigger on-chain-signed payments from the local wallet without an explicit user prompt. The skill also writes files (wallet.json, state.json, signals/, strategies/) and can update controller.yaml — file I/O and auto-restarts are within scope but increase the attack surface.
Install Mechanism
There is no registry install spec; the skill ships source files and instructs the user to run 'npm install' in the skill folder. This will fetch ethers, ws, and yaml from npm (moderate risk but expected for Node tooling). No remote binary downloads or obscure URLs are used, but running npm install pulls third-party packages into the environment.
Credentials
The skill declares a single primary credential NVARENA_API_KEY, which is appropriate for the API-key auth path. However, it also auto-creates and persists a local wallet (wallet.json) containing the private key and mnemonic in plaintext. The code implements a fallback (x402 micropayments) that will sign payments using that wallet automatically when no API key is configured. That introduces a sensitive secret (private key) and an ability to sign/spend funds that is not represented as an environment variable but is nevertheless required for the skill to operate in fallback mode.
Persistence & Privilege
The manifest sets always:false (good), but the skill persists multiple files (wallet.json, state.json, signals/, strategies/, archive/) in its directory. Because the code signs transactions automatically for the x402 flow using the stored wallet, an autonomously invoked skill run could spend funds from that wallet. The combination of autonomous invocation and a stored private key gives this skill a much larger blast radius than a read-only monitoring skill.
What to consider before installing
- Sensitive local wallet: The skill creates wallet.json and writes your wallet’s privateKey and mnemonic in plaintext. Treat that file as highly sensitive. If you install, do not reuse a valuable/hot wallet — use a fresh, low-value wallet for this skill.
- Automatic micropayments: If you do not configure NVARENA_API_KEY the code will fall back to x402 micropayments and will automatically sign requests with the local wallet to pay for endpoints. That can spend USDC from the wallet without further interactive confirmation.
- Explicitly provide an API key if you want to avoid on-chain payments and reduce signing activity. If you cannot obtain a vetted API key, be prepared to fund only a tiny wallet and monitor transactions.
- Review & restrict network access: The skill talks to arena.nvprotocol.com and can post to arbitrary webhook URLs if configured. Do not supply webhook endpoints you don’t control or that could leak strategy/state data.
- Audit and run in isolation: Inspect the included files (envy.js, monitor.js, controller.js) yourself. If you proceed, run npm install and execute the tool in a sandboxed environment (isolated VM/container) and avoid importing the generated wallet into your main wallet software unless you understand the risk.
- Manual control: Prefer running CLI commands yourself in your terminal rather than letting the agent autonomously run potentially state-changing commands. The README’s recommendation to run 'node envy.js wallet' only in terminal should be followed — do not paste wallet or private key into chat.
If you want, I can list the exact lines/functions that create and persist the wallet, the x402 signing flow, and the places where the code will sign/send payments so you can review them before deciding.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- controller.js:487: Shell command execution detected (child_process).
- controller.js:453: Environment variable access combined with network send.
- envy.js:97: Environment variable access combined with network send.
- monitor.js:18: Environment variable access combined with network send.
- controller.js:42: File read combined with network send (possible exfiltration).
- envy.js:86: File read combined with network send (possible exfiltration).
- monitor.js:24: File read combined with network send (possible exfiltration).
Runtime requirements
Bins: node
Primary env: NVARENA_API_KEY
