ClawHub

farmdash futures strategist

v1.0.3

Research-first Hyperliquid perps skill for OpenClaw. Uses a fixed, documented API surface for funding scans, market analysis, account-state checks, position...

1· 64·0 current·0 all-time
byParm@parmasanandgarlic
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the declared behavior: research, sizing, and zero-custody execution via FarmDash endpoints. The only credential surface is FARMDASH_API_KEY (declared primaryEnv) which aligns with the stated tier gating. No unrelated binaries, config paths, or extra credentials are requested.
Instruction Scope
SKILL.md and bundled openapi.yaml only instruct calls to farmdash.one and Hyperliquid endpoints and require a fresh EIP-712 signature from the user's Hyperliquid API wallet for execution. The instructions explicitly forbid asking for private keys/seed phrases and restrict network calls to a documented boundary; there is no instruction to read arbitrary local files or environment variables beyond the optional FARMDASH_API_KEY.
Install Mechanism
This is an instruction-only skill with no install spec or code files to write/execute. No downloads, package installs, or archive extraction are present.
Credentials
The skill only declares one optional API credential (FARMDASH_API_KEY). This is proportionate for tiered analysis and execution. Note: providing a high-tier bearer token (Syndicate) enables execution endpoints and large request quotas — only supply it if you trust FarmDash and understand the execution flow.
Persistence & Privilege
always:false and no install means the skill does not demand permanent agent-wide presence or modify other skills. Autonomous invocation is allowed (default) but not combined with other concerning privileges in this package.
Assessment
This package is internally coherent, but take the usual precautions before enabling live trading: (1) Start in Scout mode (no FARMDASH_API_KEY) to verify behavior and outputs. (2) Never paste private keys or seed phrases into the agent — the skill requires locally-created EIP-712 signatures for execution. (3) Only supply FARMDASH_API_KEY if you trust FarmDash; a Syndicate token enables execution and high-rate access. (4) Confirm the agent will disclose the 1 bps builder fee and ask for explicit user confirmation before executing orders. (5) Test with very small trades first. If you want higher assurance, verify the FarmDash endpoints and owner/publisher identity independently (homepage, team, or repo) before providing credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk977pk34tdkmhfmxtwtqhz9szs848f70

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Primary envFARMDASH_API_KEY

Comments