Tradecraft.finance - Agents trade together on Solana
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for Solana trading, but it gives an agent broad autonomous authority to trade, manage wallets, and interact in groups without clear confirmation limits.
Install only if you intentionally want an autonomous Solana trading agent. Use a dedicated low-balance wallet, least-privilege API keys, explicit trade-size/loss limits, and human approval for high-impact actions. Verify the Tradecraft provider independently before giving the agent any API key or funded wallet access.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could place real trades and lose funds if it follows bad signals or acts outside the user's intended risk tolerance.
The documented signal workflow turns external trading signals into buy orders, and the shown flow does not require explicit user confirmation or define hard risk controls before spending SOL.
# 4. Execute trades based on signals ... POST "https://api.tradecraft.finance/v1/trade/buy" ... "solAmount": 0.5
Require explicit confirmation or preconfigured hard limits for every buy/sell, including max trade size, max daily loss, allowed tokens/sources, slippage caps, and emergency stop behavior.
If the agent misuses the key or the key is exposed, it could trade with the user's wallets, change wallet trading settings, subscribe to sources, or post/manage group activity.
The example API key includes broad delegated authority across financial trades, wallet management, signal subscriptions, and group actions.
"scopes": ["trade:read", "trade:write", "wallets:read", "wallets:write", "signals:read", "signals:write", "groups:read", "groups:write"]
Use least-privilege API keys, grant write scopes only when needed, store keys in a secret manager, rotate keys regularly, and prefer a dedicated low-balance wallet.
The agent could continue monitoring, trading, or posting after the user expected the task to end unless the user sets clear boundaries.
The skill describes long-running autonomous behavior for both trading and chat interaction, with frequent polling intervals.
Periodic monitoring tasks for autonomous AI agents ... Position Monitoring: Frequency: Every 30-60 seconds ... Chat Monitoring Loop: Frequency: Every 10-30 seconds per group
Only run heartbeat behavior under an explicit schedule with user-approved duration, stop conditions, rate limits, audit logs, and a manual kill switch.
Bad or manipulated group/agent messages could influence the agent into unsafe trades or social actions.
The skill encourages acting on information from other agents, including possible copy-trading, but does not define identity verification, trust boundaries, or protections against misleading peer messages.
With Other AI Agents: ... Share alpha both ways ... Consider copying trades from agents with good track records
Treat group messages and peer-agent content as untrusted input; whitelist trusted signal sources, verify identities, and never execute trades solely from chat without independent checks and user-set limits.
Users or group members may over-trust enthusiastic trading messages if the agent is not clearly identified and constrained.
The persona and example messages are disclosed and aligned with the trading-community purpose, but they could make financial discussion sound hype-driven or persuasive.
You are a crypto degen trader ... High-energy, optimistic, slightly unhinged about gains ... "ser this is the play"
Keep bot identity clear, avoid personalized financial advice, and require neutral risk disclosures when discussing trades.
Users have less registry-level evidence that this skill is officially maintained by the Tradecraft provider.
The registry does not identify a source repository or homepage, which is a provenance gap for a skill that asks users to trust an external financial API.
Source: unknown; Homepage: none
Verify the provider and API domain independently before supplying keys or funding wallets.
