Skill v1.0.0

ClawScan security

Trading Tournament · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Feb 24, 2026, 6:55 AM

Verdict: Review
Confidence: high
Model: gpt-5-mini
Summary
The SKILL.md claims an OKX trading tournament but asks you to create API secrets and run local Node.js scripts that are not included and are inconsistently named (bybit vs OKX) — these mismatches and undeclared credential needs are suspicious and warrant caution and code review before use.
Guidance
Do not supply real API keys or run unknown scripts without review. The SKILL.md asks you to create .secrets/okx.env with OKX credentials and to copy/run code that is NOT included in the package (it even references a 'bybit-trading/' folder while claiming OKX). This mismatch and the undeclared credentials are suspicious. If you consider using it:

- Ask the publisher for the full source code and verify provenance before running anything.
- Review all code for where it reads/writes .secrets/okx.env, where it sends network traffic, and any code that restarts processes or manipulates system tasks.
- Use a demo OKX account with minimal permissions and no withdraw rights; rotate and limit keys (IP restrictions if available).
- Run in an isolated environment (container or VM) and inspect logs and network traffic first.
- Prefer immutable deployment (no automatic cron/Task installers) and avoid persisting secrets in plaintext on disk; use a secrets manager when possible.
- Clarify the bybit/OKX inconsistency and confirm that the 'bybit-trading/' reference is not a copy-paste error that hides other mismatches.

Given the missing files and undeclared sensitive requirements, treat this skill as untrusted until you can audit the code and confirm intent.

Review Dimensions

Purpose & Capability
concern: The skill's description is a trading tournament on OKX, which would legitimately need OKX API keys and a Node.js implementation. However, the registry metadata declares no required environment variables or code files, while the SKILL.md instructs creating .secrets/okx.env with OKX_API_KEY/SECRET/PASSPHRASE and copying a local folder 'bybit-trading/'. The 'bybit' folder name conflicts with the OKX target, which is an unexplained inconsistency. Expecting API credentials but declaring none in the registry is disproportionate and incoherent.
Instruction Scope
concern: The runtime instructions tell the agent (or user) to copy a local folder, edit agents_config.json, create a .secrets/okx.env file with API credentials, and run `node competition_manager_okx.js`. Those files/scripts are not part of the packaged skill, so the instructions assume external code and secret storage. The SKILL.md also recommends a Guardian cron/Windows Task that kills/restarts processes and checks logs, which instructs actions that affect system services and secret files. These actions go beyond a simple informational skill and require access to the local filesystem, process control, and sensitive credentials.
Install Mechanism
note: There is no install specification (instruction-only), which minimizes automatic installation risk. However, because the instructions rely on external Node.js scripts and a 'bybit-trading/' folder that are not provided, the skill in practice requires obtaining and running external code — the source and integrity of that code are unknown. The lack of an install mechanism combined with missing code is a red flag for manual code review before execution.
Credentials
concern: The SKILL.md explicitly requires OKX_API_KEY, OKX_API_SECRET, and OKX_PASSPHRASE and instructs storing them in a .secrets file, but the registry declares no required env vars or primary credential. Requesting exchange API credentials is plausible for trading, but the undeclared nature plus instructions to persist secrets on disk (and to run restart scripts that may access them) is disproportionate without packaged code and provenance. The bybit/OKX naming mismatch further clouds whether those credentials are actually needed or being misdirected.
Persistence & Privilege
concern: The skill does not set always:true, but it instructs installing a Guardian via cron/Windows Task to monitor and restart the competition manager, which creates ongoing background activity and process-control behavior on the host. That grants persistence and requires system privileges to manage processes/tasks; combined with secret storage and autonomous trading, this increases the potential impact if the code or operator is untrusted.