Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Quant Orchestrator (Free)
v1.0.0 · Multi-Agent AI Quant System with factor mining, strategy generation, and automated backtesting
⭐ 0 · 284 · 2 current · 2 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The skill's name/description (multi-agent quant research + paid usage) aligns with the provided code and SKILL.md. Requiring python/pip and installing numeric/ML libs is reasonable. However, the code contains an embedded billing API_KEY constant (billing.py) that is not declared in requires.env or documented as needed — embedding a secret in the published skill is disproportionate and unexpected. Additionally, SKILL.md lists a file (btc_predictor_optimized.py) that is not present in the manifest, which is an inconsistency.
Instruction Scope
Runtime instructions are mostly limited to installing dependencies and running the Python scripts; the Python code performs HTTP requests to external services (Hyperliquid for market data and skillpay.me for billing). The SKILL.md does not instruct reading local user files or environment variables, and the code does not appear to access arbitrary user files or system credentials. Still, network calls transmit usage and user_id to an external billing service — this is expected for a paid skill but should be made explicit and transparent.
Install Mechanism
There is no packaged install spec in the registry; SKILL.md instructs running pip install for common packages (lightgbm, pandas, numpy, requests). Installing these public packages via pip is expected for this functionality. No download-from-URL or archive extraction was present in the manifest.
Credentials
The registry declares no required environment variables or credentials, but billing.py hardcodes a secret API_KEY (sk_...). Requiring a billing API key inside the code (instead of asking the host to set an environment variable) is disproportionate and creates risk: the embedded key could be abused by whoever controls the published code, and it isn't visible/confirmable via the registry metadata. The skill also contacts external endpoints (skillpay.me and api.hyperliquid.xyz) for billing and market data — network access is required but wasn't explicitly highlighted as a sensitive behavior in the metadata.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and does not appear to persist itself or alter system-wide settings. It runs on demand and requires no special platform privileges beyond network access and installing Python packages.
What to consider before installing
This skill mostly does what it says (runs a simulated multi-agent quant pipeline), but there are important red flags you should consider before installing or running it:
- Hardcoded billing API key: billing.py contains a plaintext API_KEY. This is insecure and could allow the publisher (or anyone who obtains the key) to control billing-related operations. Prefer skills that require you to provide payment/service keys via environment variables or a secure configuration step.
- Undeclared payment behavior: the skill will contact an external billing endpoint (skillpay.me) and may attempt to charge or track calls using the embedded key. If you do not trust the billing provider or publisher, do not run the billed variant (skill_with_billing.py) or pass real user IDs.
- Missing file inconsistency: SKILL.md references btc_predictor_optimized.py but that file is not in the manifest — this may indicate an incomplete or sloppy package.
- Network I/O: the skill makes HTTP requests to external services for market data and billing. If you want to avoid data leakage or external dependency calls, run the code offline or inside a restricted sandbox/container and review or stub network endpoints first.
Recommended actions:
- Ask the publisher for a trusted homepage/source and for the API key to be removed from the repository; the billing API key should be provided via an environment variable at runtime.
- If you must evaluate the skill, run it in an isolated environment (container or VM) with no network access, or stub the external endpoints, and inspect behavior locally.
- Verify the billing service (skillpay.me) and the key's provenance before providing real user IDs or production data.
- Consider rejecting the billed entrypoint until the publisher replaces the embedded secret with a documented, opt-in configuration mechanism.
If you want, I can produce a short checklist you can send to the publisher requesting changes (remove hardcoded key, document endpoints, include missing files, require env vars for credentials).
Tags: ai, free, latest, quant, trading
Runtime requirements
📊 Clawdis
OS: macOS · Linux · Windows
Bins: python, pip
