Hyperliquid Trading Agent

Warn

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a legitimate trading integration, but it can deploy persistent automated agents that trade real funds, so it needs careful review before use.

Install only if you trust ZoneIn and are comfortable giving an assistant-mediated skill authority over trading workflows. Prefer HITL mode, start with small or paper-trading limits, confirm every financial action yourself, whitelist withdrawal addresses, and make sure you can pause, disable, or delete any deployed agent.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent created with default settings may make trades without per-trade approval, potentially causing real financial losses.

Why it was flagged

Agent creation defaults to fully automated execution rather than human-in-the-loop approval, which is high-impact because the skill controls trading behavior.

Skill content

`--execution-mode` | str | auto | `auto` = fully automated. `hitl` = human-in-the-loop (trade plans for approval)

Recommendation

Use HITL mode by default, require explicit review before deploy/enable, and verify leverage, assets, daily loss limits, and position sizing before confirming any financial action.

What this means

A deployed trading agent may continue scanning and acting over time after the initial conversation, including during market volatility.

Why it was flagged

The artifacts describe persistent autonomous monitoring and immediate execution, not just one-time user-directed analysis.

Skill content

auto mode: execute immediately on Hyperliquid ... Position Monitoring ... Recommended Cron Schedules ... `*/5 * * * *` | Signal scan

Recommendation

Only deploy agents you intend to run continuously, set strict risk limits, monitor them actively, and know how to pause, disable, or delete them.

What this means

Users may not realize how their wording is being translated into a trading-agent preset, which can affect leverage, strategy, and automation risk.

Why it was flagged

The skill tells the assistant not to show the mapping from user intent to agent presets, even though these presets affect trading style and risk behavior.

Skill content

## AI Type Mapping (internal — never show to user)

Recommendation

Before creating or deploying an agent, the assistant should disclose the selected agent type, execution mode, leverage, assets, and risk profile in plain language.

What this means

Anyone with access to the API key may be able to operate the connected ZoneIn account and trading agents.

Why it was flagged

The script reads a local OpenClaw config fallback for the ZoneIn API key and sends it to the ZoneIn API, which is expected for this integration but sensitive.

Skill content

config_path = os.path.expanduser("~/.openclaw/openclaw.json") ... get("zonein", {}).get("apiKey", "") ... headers = {"X-API-Key": key

Recommendation

Use a dedicated, revocable API key, avoid sharing logs or command output containing credentials, and rotate the key if you suspect exposure.

What this means

If Telegram setup is misconfigured or the bot token is exposed, trade-plan notifications or approvals could go to the wrong place.

Why it was flagged

The skill supports trade-plan approval through Telegram, an external communication channel that must be configured to the correct bot and chat.

Skill content

Telegram Notifications — Instant trade plan alerts with one-tap approve/reject buttons

Recommendation

Use a private Telegram bot/chat, protect the bot token, and verify the configured chat before relying on Telegram approvals.

What this means

It may be harder to independently verify the publisher, code history, or changes between versions.

Why it was flagged

The registry metadata does not identify a source repository or provenance beyond the homepage, which matters more for a skill that can affect real funds.

Skill content

Source: unknown

Recommendation

Verify the ZoneIn homepage and publisher identity before installing, and review the bundled script when upgrading.