Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Robonet

v0.1.0

Use Robonet's MCP server to build, backtest, optimize, and deploy trading strategies. Provides 24 specialized tools for crypto and prediction market trading: (1) Data tools for browsing strategies, symbols, indicators, Allora topics, and backtest results, (2) AI tools for generating strategy ideas and code, optimizing parameters, and enhancing with ML predictions, (3) Backtesting tools for testing strategy performance on historical data, (4) Prediction market tools for Polymarket trading strategies, (5) Deployment tools for live trading on Hyperliquid, (6) Account tools for credit management. Use when: building trading strategies, backtesting strategies, deploying trading bots, working with Hyperliquid or Polymarket, or enhancing strategies with Allora Network ML predictions.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (build/backtest/deploy trading strategies) matches the listed MCP tools and workflows in SKILL.md. However, several capabilities (deploying to Hyperliquid, managing vaults/wallets, viewing credit balance, integrating with Allora) inherently require authentication, wallet credentials, or billing configuration — none of which are declared in the skill metadata (no required env vars, no primary credential, no homepage/source). That omission is a coherence gap.
Instruction Scope
SKILL.md is an instruction-only integration that tells the agent to load and call MCP tools (data access, AI generation, backtesting, deployment). The instructions do not ask the agent to read local files, environment variables, or unrelated system paths. However, they do instruct potentially high-impact actions (create live deployments, view/modify strategies and strategy code). Because the skill can retrieve and return complete Python strategy source code, there is potential to handle sensitive secrets in those artifacts — SKILL.md does not document how such secrets are protected or whether the MCP server will ever request private keys.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes local disk/write risk and there are no downloaded artifacts for the static scanner to analyze.
Credentials
The skill needs (or implies the need for) credentials and payment/billing information to perform several core actions: creating deployments, funding Hyperliquid vaults from a wallet, checking the account credit balance, and paying LLM costs. Yet requires.env is empty and no primary credential is declared. This is disproportionate: a trading/deployment skill should clearly document the required API keys, the wallet authentication method (e.g., signing with the user's own wallet versus platform-managed keys), and the billing arrangement.
Persistence & Privilege
always:false (good). The skill allows autonomous model invocation (default), which is normal; combined with the missing-auth issue, autonomous calls that trigger deployments or billing increase risk if credentials are handled unexpectedly. The skill does not request persistent system-wide privileges in its metadata.
What to consider before installing
This skill appears to do what it says (build/backtest/deploy trading strategies), but it does not declare how it will authenticate or bill for operations that require wallet access and money. Before installing:
1) Ask the publisher (or registry owner) for the authentication flow: which credentials are required, where private keys live, and whether you must provide them.
2) Confirm billing: who pays the LLM/MCP costs and how payments or credits are charged.
3) Do not provide private keys or long-lived secrets unless you have verified the server, its source code, and its privacy and billing policies.
4) Ask for a public homepage/repo or contact, and for evidence that the MCP server is operated by a trusted party.
5) If you test, use read-only operations and very small test funds, and require explicit, manual approval before any production deployment or wallet interaction.
Because this is instruction-only, there is no code to audit locally, which makes external provenance and clear credential handling all the more important.
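A manifest coherence check of the kind the Credentials and Persistence findings above describe, written as an added example; it is not part of this page and not the registry's own scanner. The manifest field names (requires.env, credential, always, autonomous, tools, homepage, source), the keyword-to-credential mapping, and the sample manifest are all assumptions constructed for illustration; the registry's real skill schema may differ. It flags capabilities that imply wallet, API-key or billing access while nothing is declared, missing provenance, and autonomous invocation of high-impact tools, and it produces the read-only tool allowlist suggested for a trial.

```python
"""Coherence check for an instruction-only skill manifest (added example).

Field names below are assumed for illustration, not the registry's actual schema.
"""
import re

# Capability phrases that imply a credential or money, and what they imply.
# Assumption: simple keyword matching; tune to the registry's vocabulary.
IMPLIED_NEEDS = {
    r"\bdeploy(ing|ment|ments)?\b": "deployment credential or signing key",
    r"\bvault(s)?\b|\bwallet(s)?\b|\bprivate key(s)?\b": "wallet/private-key access",
    r"\bcredit(s)?\b|\bbilling\b|\bpayment(s)?\b": "billing/account credential",
    r"\blive trading\b": "exchange API key",
}

# Tool-name fragments that should never run without explicit human approval.
HIGH_IMPACT = ("deploy", "create", "withdraw", "transfer", "delete", "modify")


def implied_needs(description):
    """Return the set of credential classes the description implies."""
    text = description.lower()
    return {need for pattern, need in IMPLIED_NEEDS.items()
            if re.search(pattern, text)}


def declared_credentials(manifest):
    """Credentials the manifest actually declares (assumed field names)."""
    req = manifest.get("requires", {}) or {}
    declared = set(req.get("env", []) or [])
    if manifest.get("credential"):
        declared.add(manifest["credential"])
    return declared


def check_manifest(manifest):
    """Return a list of (severity, message) findings for one manifest."""
    findings = []
    needs = implied_needs(manifest.get("description", ""))
    declared = declared_credentials(manifest)
    if needs and not declared:
        findings.append(("high",
            "description implies %s but requires.env is empty and no "
            "primary credential is declared" % ", ".join(sorted(needs))))
    if not manifest.get("homepage") and not manifest.get("source"):
        findings.append(("medium",
            "no homepage or source URL: provenance cannot be verified"))
    if manifest.get("always"):
        findings.append(("high",
            "always:true would load the skill into every session"))
    risky = [t for t in manifest.get("tools", [])
             if any(frag in t.lower() for frag in HIGH_IMPACT)]
    if risky and manifest.get("autonomous", True):
        findings.append(("medium",
            "autonomous invocation enabled for high-impact tools: "
            + ", ".join(risky)))
    return findings


def safe_tool_allowlist(tools):
    """Tools that are reasonable for a read-only trial with no wallet access."""
    return [t for t in tools
            if not any(frag in t.lower() for frag in HIGH_IMPACT)]


# Constructed manifest mirroring the scan findings above (not the real skill file).
SAMPLE_MANIFEST = {
    "name": "robonet",
    "version": "0.1.0",
    "description": ("Build, backtest, optimize, and deploy trading strategies. "
                    "Deployment tools for live trading on Hyperliquid; account "
                    "tools for credit management; vault management."),
    "requires": {"env": []},
    "credential": None,
    "always": False,
    "autonomous": True,
    "homepage": None,
    "source": None,
    "tools": ["list_strategies", "run_backtest",
              "create_deployment", "get_credit_balance"],
}

if __name__ == "__main__":
    for severity, msg in check_manifest(SAMPLE_MANIFEST):
        print("[%s] %s" % (severity, msg))
    print("read-only trial allowlist:",
          safe_tool_allowlist(SAMPLE_MANIFEST["tools"]))
```

Run against the constructed manifest it reports the undeclared-credential gap, the missing provenance, and autonomous access to create_deployment; declaring an API key, adding a homepage, and disabling autonomous invocation clears all three.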


latest: vk97fq8heatfndy1jf38whfsm4d80f9kc

