mt5-httpapi
Security checks across malware telemetry and agentic risk
Overview
This appears to be a coherent MetaTrader API helper, but it can control real trades and can be configured with weak or no authentication.
Install only if you intentionally want an agent to access an MT5 trading account. Prefer a demo account first, set a strong API token, do not leave `api_token` empty, avoid public exposure unless necessary, require manual confirmation for every trade-changing call, and inspect or pin the external GitHub setup before entering broker credentials.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly autonomous call could open, close, or alter positions with real financial consequences.
The documented API includes mutating trading operations. The artifacts show operational pre-trade checks, but no explicit user confirmation or risk-limit requirement before creating, modifying, or closing trades.
place/modify/close orders, manage positions ... GET for reading, POST for creating, PUT for modifying, DELETE for closing/canceling
Use a demo account first, require explicit human approval for all order-changing endpoints, and add strict position-size and symbol limits outside the skill.
If the API is reachable without a token, another local or network user could access account data or send trading commands.
The setup requires broker login credentials and controls API authentication, but explicitly permits an empty API token, which would leave a trading-capable API unauthenticated to reachable clients.
Broker credentials — accounts.<broker>.<account_name> ... password: "your_password" ... `api_token` empty = open to anyone on the network.
Always set a strong API token, restrict listening interfaces and firewall rules, avoid sharing the token with the agent unless needed, and never expose the API publicly without authentication.
You would be trusting external setup scripts and downloaded VM/software components with a machine that may hold broker credentials.
The installation relies on an external repository and automatic downloads rather than code included in this skill. This is disclosed and purpose-aligned for the MT5 VM stack, but the exact code and downloaded artifacts are outside this review.
git clone https://github.com/psyb0t/mt5-httpapi ... make up ... First run downloads tiny11 (~4 GB), installs Windows ... sets up Python + MT5 automatically.
Inspect the repository, pin a commit or release, review Docker/Make scripts, and use an isolated host or VM before entering broker credentials.
Account data and trading commands may become reachable through a public URL if the tunnel is enabled.
The setup documents an optional public tunnel to the trading API through Cloudflare. This is disclosed, but it changes the API from local-only access to an internet-reachable gateway.
Public Access via Cloudflare Tunnel (optional) ... cloudflared points at the always-on nginx sidecar ... Hit `https://mt5-api.yourdomain.com/<broker>/<account>/...` from the public side.
Enable public tunneling only if necessary, require the bearer token, use Cloudflare access controls, and monitor logs for unexpected requests.
The trading API may remain available after the immediate task is complete.
The referenced service stack is designed to keep running after setup. That persistence is expected for an API bridge, but it matters because the service can reach trading accounts.
`make up` # start, `make down` # stop ... cloudflared points at the always-on nginx sidecar
Stop the stack with `make down` when not in use and ensure persistent services are not exposed beyond the intended host.
