Claude AI Trading Skill
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may make outbound requests to Elfa when answering crypto social-data questions.
The skill directs the agent to run shell-based HTTP requests. This is purpose-aligned for live API access, but it is still a tool-use capability users should expect and keep scoped to Elfa endpoints.
Use the `bash_tool` to call the Elfa API via curl.
Use the skill only for intended Elfa queries and review any generated curl or code before reusing it.
A configured API key may consume Elfa credits, and x402 mode may spend USDC per request if the user has set it up.
The skill can use an API key or wallet-based x402 signing/payment. This is disclosed and relevant to Elfa access, but it involves credential or payment authority.
primary: ELFA_API_KEY (optional — x402 mode requires no credentials from the user) ... x402: Wallet-based signing handled client-side by @x402/fetch or @x402/axios libraries
Store the API key only in the ELFA_API_KEY environment variable, do not paste it into chat, and use x402 only with clear approval and cost expectations.
Users have less provenance information when deciding whether to trust the skill’s instructions.
The skill has no executable install mechanism, but the registry metadata does not provide source or homepage provenance for users to verify.
Source: unknown; Homepage: none
Prefer installing only if you trust the registry entry and verify Elfa API details against official Elfa documentation.