XT Exchange

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill matches its stated exchange-trading purpose, but it handles highly privileged financial API keys and includes instructions/code paths that could expose or redirect those credentials.

Only install this if you understand that it can trade and withdraw from your XT account. Use a dedicated, least-privilege API key, avoid withdrawal permission unless absolutely needed, do not print or paste your credential file, and verify that `XT_HOST`/`XT_FUTURES_HOST` are not redirected before using authenticated commands.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your XT secret key could be exposed in the agent transcript, terminal history, logs, or other places that capture command output.

Why it was flagged

The skill suggests checking for credentials by printing the local credentials file, which likely contains both `access_key` and `secret_key`.

Skill content

cat ~/.xt-exchange/credentials.json 2>/dev/null

Recommendation

Do not print credential files. Check existence with a non-revealing command such as `test -f ~/.xt-exchange/credentials.json`, and use restricted API keys with only the permissions needed.

What this means

If `XT_HOST` is set incorrectly or maliciously, signed trading, transfer, or withdrawal requests could be sent to an unintended server.

Why it was flagged

Authenticated requests, including signed headers with the XT access key, can be sent to an environment-variable-controlled host rather than only the official XT API endpoint.

Skill content

self.host = host or os.environ.get("XT_HOST", DEFAULT_HOST)

Recommendation

Ensure `XT_HOST` and `XT_FUTURES_HOST` are unset or set only to trusted XT endpoints before use; ideally the skill should warn users before sending authenticated requests to non-default hosts.

What this means

The agent can place trades, cancel orders, transfer funds between account types, and initiate withdrawals if you confirm those actions.

Why it was flagged

The skill exposes high-impact financial actions but also documents confirmation requirements before executing them.

Skill content

Placing orders / cancelling orders / transferring funds / opening positions / closing positions: before execution, must ... wait for user confirmation ... withdrawals cannot be reversed

Recommendation

Review every proposed symbol, side, amount, price, chain, and withdrawal address carefully before confirming.

What this means

A normal dependency install is required for the CLI, but the exact package version is not locked by the artifact.

Why it was flagged

The setup instruction installs an unpinned Python dependency from the package ecosystem.

Skill content

pip3 install requests -q

Recommendation

Install dependencies in a virtual environment and consider pinning a known-good `requests` version.