Skill v1.1.0
ClawScan security
Quant System 5steps · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 8, 2026, 2:18 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions mostly match a 5-step quant trading system, but there are operational and provenance inconsistencies (undeclared heavy Python deps, external endpoints, and missing install instructions) that warrant caution before running it.
- Guidance
- This skill appears to implement the trading system it describes, but proceed with caution:
  - Dependency mismatch: the Python file imports lightgbm, numpy, and requests, but the skill provides no install steps. Run it only in a controlled environment (virtualenv/container) where you install and verify these packages yourself.
  - External endpoints: it performs outbound HTTP calls to api.hyperliquid.xyz and api.binance.com. Ensure you trust those endpoints and be aware that running the skill will make network requests from your environment.
  - Provenance: registry metadata shows no homepage, while SKILL.md includes one; the source is unknown. If you need to trust this for production use, request provenance (author, license, full source review).
  - Safety steps: review the entire Python file (including truncated sections) before executing, run it in an isolated sandbox, and avoid providing any secret/API keys unless you confirm they are required and the code handles them safely.
  If you want, I can scan the remainder of quant_pipeline.py (the truncated part) for other behaviors before you run it.
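The dependency-mismatch and external-endpoint checks in the guidance above (the same findings the Instruction Scope and Install Mechanism dimensions report) reduced to a script an operator can run against the skill's Python file before executing it. This is an added example, not ClawHub's scanner and not code from the skill: the quant_pipeline.py stand-in it parses is constructed from only the imports and hosts the verdict names, and the bundled helper module `quant_features` is an assumption.

```python
"""Static pre-flight check for a skill's Python file.

Added example, not ClawHub's scanner and not the skill's own code. It
reproduces two of the checks behind the verdict above: which third-party
packages the file imports without a declared install spec, and which
hosts it hard-codes in http(s) URL literals."""
import ast
import re
import sys
from urllib.parse import urlsplit

# Modules shipped with CPython (sys.stdlib_module_names needs Python 3.10+;
# the fallback covers only the names used in the constructed sample).
STDLIB = set(getattr(sys, "stdlib_module_names", ("json", "os", "sys", "time")))

URL_RE = re.compile(r'''https?://[^\s"'<>()]+''')


def extract_imports(tree):
    """Top-level names from `import a.b` and absolute `from a.b import c`."""
    names = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names.update(alias.name.split(".")[0] for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            names.add(node.module.split(".")[0])
    return names


def extract_endpoints(tree):
    """Hostnames of every http(s) URL that appears in a string literal."""
    hosts = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for url in URL_RE.findall(node.value):
                host = urlsplit(url).hostname
                if host:
                    hosts.add(host)
    return hosts


def preflight(source, declared_deps=(), local_modules=(), allowed_hosts=()):
    """Compare what the code needs against what the skill declares.

    declared_deps: packages the skill's install spec lists (none, for this skill).
    local_modules: top-level names that live inside the skill bundle itself.
    allowed_hosts: endpoints the operator has decided to trust.
    """
    tree = ast.parse(source)
    third_party = extract_imports(tree) - STDLIB - set(local_modules)
    hosts = extract_endpoints(tree)
    return {
        "third_party": sorted(third_party),
        "undeclared": sorted(third_party - set(declared_deps)),
        "endpoints": sorted(hosts),
        "unexpected_endpoints": sorted(hosts - set(allowed_hosts)),
    }


# Constructed stand-in for the skill's quant_pipeline.py: it mirrors only the
# imports and hosts the scanner reports, not the skill's real code.
SAMPLE_SOURCE = '''\
import json
import numpy as np
import requests
from lightgbm import LGBMRegressor
from quant_features import build_features  # assumed bundled helper

HL_URL = "https://api.hyperliquid.xyz/info"
BN_URL = "https://api.binance.com/api/v3/klines"

def candles(symbol):
    body = {"type": "candleSnapshot", "coin": symbol}
    return requests.post(HL_URL, json=body, timeout=10).json()
'''


def sample_report():
    """What the check says about the stand-in with an empty install spec."""
    return preflight(
        SAMPLE_SOURCE,
        declared_deps=(),
        local_modules=("quant_features",),
        allowed_hosts=("api.hyperliquid.xyz", "api.binance.com"),
    )


if __name__ == "__main__":
    for key, value in sample_report().items():
        print(f"{key}: {value}")
```

This is a static check: it cannot see URLs assembled at runtime, modules loaded through importlib, or the truncated tail of the real file, which is why the guidance still asks for a full read of the file in an isolated sandbox before any run. Passing the declared dependency list (empty for this skill) and a host allow-list lets the same script serve as a regression gate when a new version of the skill is published.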
Review Dimensions
- Purpose & Capability
- note: The name/description (5-step quant trading system) aligns with the included code: data collection from Hyperliquid/Binance, feature engineering, and ML model usage. However, the package declares no dependencies or install steps while the code imports nonstandard libraries (lightgbm, numpy, requests), which is an operational mismatch (not every runtime will have those installed). The SKILL.md metadata also includes a homepage URL while registry metadata lists none, a minor provenance inconsistency.
- Instruction Scope
- ok: SKILL.md usage is concise and limited to importing and running QuantSystem5Steps, consistent with the stated purpose. The runtime code makes outbound network requests to public market APIs (https://api.hyperliquid.xyz and https://api.binance.com) and falls back to synthetic data; it does not, in the visible portion, read local secrets, other system config paths, or transmit data to unexpected endpoints. The network calls are expected for a data-collection trading tool, but you should note the external endpoints called.
- Install Mechanism
- concern: There is no install spec despite the code depending on third-party Python packages (lightgbm, numpy, requests). That means the agent/environment must already have these installed or the code will fail. The lack of a declared install mechanism is an operational risk (runtime errors) and a packaging/provenance concern because the skill doesn't declare how to provision required dependencies.
- Credentials
- ok: The skill requests no environment variables, no credentials, and no config paths. The code uses only public API endpoints and does not embed or require secret tokens in the visible portions. This is proportionate to a read-only market-data collection tool. (If later parts of the file require exchange keys for trading/execution, that would change the assessment.)
- Persistence & Privilege
- ok: The skill is not force-installed (always: false) and uses the platform default allowing autonomous invocation. There is no evidence it attempts to modify other skills or system-wide agent settings. Autonomous invocation + outbound network I/O is normal for a data-fetching trading skill, but you should be aware that autonomous runs will cause the code to reach out to external APIs.
