mt5-httpapi
Verdict: Suspicious
Audited by ClawScan on May 13, 2026.
Overview
This is a coherent MetaTrader integration, but it can control live financial trades and may be exposed with optional or no authentication, so it needs careful review before use.
Install only if you intend to let an agent interact with MT5 trading accounts. Use a demo account first, set a strong API token, avoid public exposure, review the external GitHub stack before running it, and require manual confirmation before any live trade is placed, modified, or closed.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. An agent using this skill against a live account could open, alter, or close trades and cause financial loss if it misunderstands the user or market conditions.
The skill teaches the agent to use mutating trading operations. The visible instructions include checks, but do not establish an explicit human-approval gate or risk limit before live account changes.
Evidence (from SKILL.md): place/modify/close orders, manage positions ... GET for reading, POST for creating, PUT for modifying, DELETE for closing/canceling.
Recommendation: Use a demo or paper account by default, require explicit approval for every trade, set maximum lot/position limits, and disable mutating endpoints unless the user specifically authorizes them.

2. Anyone who can reach an unauthenticated API could potentially view account data or control trades for the configured broker account.
The setup stores broker account credentials and allows the API bearer token to be empty, creating broad delegated authority over a trading account if configured insecurely.
Evidence (from SKILL.md): Broker credentials — accounts.<broker>.<account_name> ... password: "your_password" ... `api_token` empty = open to anyone on the network.
Recommendation: Always set a strong API token, keep broker credentials out of shared files, restrict network access, and use least-privilege or demo trading accounts where possible.

3. If exposed publicly or if the token is leaked, remote parties could access account data and trading controls across configured terminals.
The optional tunnel can expose the same backend that routes to every terminal over the public internet, while authentication is optional elsewhere in the setup.
Evidence (from SKILL.md): Public Access via Cloudflare Tunnel ... To expose the API publicly ... service: http://nginx:80 ... a single backend covers every terminal.
Recommendation: Avoid public exposure unless necessary; if used, require a strong token, Cloudflare Access or equivalent identity controls, IP allowlisting, TLS, and separate accounts per risk boundary.

4. The static scan did not analyze the external repository, VM image, or installer behavior that will actually run.
The runnable implementation is pulled from an external repository and performs large automatic downloads during setup; this is purpose-aligned but not reviewable from the included instruction-only package.
Evidence (from SKILL.md): git clone https://github.com/psyb0t/mt5-httpapi ... make up ... First run downloads tiny11 (~4 GB), installs Windows ... then sets up Python + MT5 automatically.
Recommendation: Review the external repository and compose files before running, pin versions or checksums where possible, and install in an isolated environment first.

5. A forgotten running service could continue exposing trading functions after the immediate task is complete.
The API is designed to run as a persistent service. This is disclosed and expected, but it keeps trading controls available until the user stops or secures the stack.
Evidence (from SKILL.md): make up # start make down # stop ... 8888 | HTTP API entry (nginx, all terminals)
Recommendation: Stop the stack when not in use, disable public tunnels by default, and periodically verify which ports and services are running.
