Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Freqtrade Deploy

v1.0.4

One-click deployment of the Freqtrade quantitative trading bot. Supports spot trading strategies, installs dependencies automatically, configures the strategy, and sets up WebUI monitoring.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (deploy Freqtrade) match the included files and runtime instructions: the skill clones the official Freqtrade repository, installs Python deps, writes a config.json, and shows how to run the bot and WebUI. No unrelated credentials or services are requested.
Instruction Scope
SKILL.md instructs running a remote script via `bash <(curl -s https://raw.githubusercontent.com/freqtrade/freqtrade/develop/install.sh)`, and to edit config.json to put exchange API keys and enable an api_server. Executing remote scripts directly grants that remote code full privileges in the shell and is a significant risk. The instructions also recommend exposing the WebUI (bind 0.0.0.0) and include insecure default credentials (e.g., 'changeme'). There are minor inconsistencies in suggested ports (SKILL.md uses 8080 while references/usage.md mentions 41808).
Install Mechanism
No registry install spec is provided; the recommended install is to run an upstream GitHub install script (raw.githubusercontent.com). The included local scripts/install.sh does a git clone of the official repo and runs `pip3 install -e . --break-system-packages`, which will alter the system Python environment (global installs) and may require elevated access. Using curl|bash and global pip installs increases risk compared to isolated/containerized installs.
Credentials
The skill itself does not request environment variables or external credentials, which is proportionate. However, the generated config.json expects the user to place sensitive exchange API keys in it, and the api_server defaults to a public binding with weak default secrets (jwt_secret_key/ws_token/username/password set to 'changeme' or similar). The skill should explicitly warn users to set strong credentials and to bind the API server to localhost or use firewall/IP whitelists.
Persistence & Privilege
The skill does not request always:true and will not be force-included. It does install software to disk when run, but does not claim to modify other skills or global agent settings beyond installing the application itself.
What to consider before installing
This skill appears to be a straightforward Freqtrade deploy helper, but take these precautions before running anything:

- Don't run curl | bash without review: the SKILL.md recommends piping a remote GitHub script into bash. Inspect the remote script first (download and read it) or run the included scripts/install.sh locally instead of blindly executing remote code.
- Prefer isolated environments: install inside a VM, container (Docker), or dedicated user account rather than your main system to avoid global changes from `pip3 install -e . --break-system-packages`.
- Protect API keys: the tool asks you to put exchange API keys in config.json. Only provide keys with the minimum privileges (spot trading only) and consider IP whitelisting. Do not store keys in world-readable files.
- Secure the WebUI: the default config binds api_server to 0.0.0.0 and uses weak defaults like 'changeme'. Change the username/password, jwt/ws tokens, and preferably bind to localhost or restrict access via firewall or reverse proxy.
- Review inconsistencies: docs reference different default ports (8080 vs 41808) and various defaults; confirm and harden the final configuration before launching with real funds.

If you want stronger assurance: ask the maintainer for the exact upstream install script SHA or run the official repo install script after manually verifying its contents, and run the bot in an isolated environment with limited funds until you are confident in the setup.


latest · vk97efp2aqemkamkmghkp4vfcpn83gcs5

