Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

tradr

v1.0.0

Onchain trade execution engine. Feed it a CA (token contract address) and a score, and it runs the full trade lifecycle: sized entry, mode-based exits, on-chain verification, and trade logging. Requires the Bankr skill.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill claims to be an on-chain execution engine and explicitly depends on the Bankr skill; the code calls a bankr.sh script, queries on-chain RPCs and DexScreener, reads/writes position and trade-log files, and exposes an adapter interface. Nothing requested or installed is out of scope for an execution engine.
Instruction Scope
SKILL.md instructs running setup.sh, editing config.json (wallets, modes), enabling a systemd exit-manager, and feeding tradr-enter.py with a CA plus score. The runtime scripts read local config and the positions/trade-log files, query public RPC endpoints and DexScreener, and call the bankr.sh helper. The notify hook sources a local .env.secrets file, if present, for Telegram tokens; this is expected for notifications but is not declared in the top-level metadata. The docs claim "tradr never touches your private keys". The code does not read private keys, but it delegates execution to Bankr, so the claim holds only to the extent that Bankr is trusted.
Install Mechanism
There is no registry install spec; this is an instruction+script bundle. setup.sh creates configuration, workspace directories, makes scripts executable, and writes/enables a systemd unit (to /etc/systemd/system by default) or a user service when --user is passed. No remote downloads or obscure URLs are used. Because setup can write a system service, it may require root privileges when installing system-wide.
Credentials
The skill declares no required environment variables, which is broadly correct, but the code will read a few environment values if present: SOL_WALLET_ADDRESS and EVM_WALLET_ADDRESS (fallbacks for wallet configuration), and the notify hook expects TELEGRAM_* variables if you use it (loaded from ~/.env.secrets or a skill-local file). The exit and entry scripts set BANKR_ALLOW_TRADE / BANKR_ALLOW_SELL in the subprocess environment to bypass Bankr trade guards — this is functional for automation but is effectively granting the Bankr helper permission to trade without additional interactive confirmation.
Persistence & Privilege
tradr installs and enables a persistent systemd service (exit-manager) by default. The skill metadata has always:false (it is not force-included) and permits model invocation; both are normal. The service autonomously polls prices and calls Bankr to execute sells/buys. That autonomy is expected, but because the code sets environment flags that bypass Bankr's trade guard, enable the service only if you trust the Bankr script and the configuration.
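The two findings above (trade-guard flags placed in the child process environment, and a persistent service that can call Bankr) are the kind of thing to confirm in the actual files before running setup.sh. The following shell audit is an added example, not tradr's own code and not part of the ClawHub scan: it greps an unpacked bundle for the behaviours the report describes. The rule names, the regexes and the sample files in the usage are assumptions; a hit means "read this line", not "this is malicious".

```shell
#!/usr/bin/env sh
# Static pre-install audit of an unpacked skill bundle.
# Added example: not part of tradr or of the ClawHub scan. The rules encode
# the behaviours the scan report describes; the regexes are assumptions, so
# treat a hit as "go read this line", not as a verdict.
#
# Usage: audit_skill_dir /path/to/unpacked/skill
# Prints one line per hit as "[rule] file:line:text" and nothing when clean.

audit_skill_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "audit: no such directory: $dir" >&2; return 2; }

    # check <rule> <extended-regex>: recursive grep, each hit prefixed with
    # the rule name. grep exits 1 on no match, which is not an error here.
    check() {
        hits=$(grep -rnE -- "$2" "$dir" 2>/dev/null) || return 0
        printf '%s\n' "$hits" | sed "s/^/[$1] /"
    }

    # Flags that switch off Bankr's interactive trade guard when exported or
    # put into a child process environment (the report says tradr does this).
    check guard-bypass   'BANKR_ALLOW_(TRADE|SELL)'
    # Secrets loaded from dotfiles that the skill metadata does not declare.
    check secrets-file   '\.env\.secrets'
    # System-wide service installation (needs root; prefer a --user unit).
    check system-unit    '/etc/systemd/system'
    # Anything fetched from the network at install time.
    check remote-fetch   '(curl|wget)[[:space:]].*https?://'
    # Key material the docs say the skill never handles; any hit is a red flag.
    check key-material   '(PRIVATE_KEY|private_key|mnemonic|seed_phrase)'
}

# Number of findings, for a gate such as:
#   [ "$(audit_finding_count ./tradr)" -eq 0 ] || echo "review before install"
audit_finding_count() {
    audit_skill_dir "$1" | grep -c . || :
}

if [ -n "${1:-}" ]; then
    audit_skill_dir "$1"
fi
```

The guard-bypass rule is the one to read most carefully: the report says the flags are set deliberately so the service can trade unattended, so the question for each hit is whether bankr.sh still authenticates and authorizes the trade when the flag is present, or whether the flag alone is enough.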
Assessment
What to check before installing and running tradr:
- Trust boundary with Bankr: tradr delegates all on-chain execution to the Bankr skill via the configured bankr.sh. Review the bankr.sh script and the Bankr skill config (API key location and behavior). This skill sets BANKR_ALLOW_TRADE / BANKR_ALLOW_SELL in the child process environment to bypass Bankr trade guards; ensure bankr.sh enforces authentication/authorization appropriately.
- Install as a user service first: setup.sh writes a systemd unit and will try to put it in /etc/systemd/system (root). Prefer ./scripts/setup.sh --user to install under your user if you want lower privilege and to test behavior.
- Protect notification secrets: notify-telegram.sh sources ~/.env.secrets or a local .env.secrets file for TELEGRAM_* tokens. If you use notifications, store those secrets with strict filesystem permissions and review the script.
- Wallet private keys: tradr claims not to touch private keys; it relies on Bankr to perform trades. Do not put private keys into tradr's config.json; ensure Bankr's secret handling is secure.
- Review config.json and RPC endpoints: ensure rpc_urls, wallets, and token_gate settings are correct. Default token_gate values could lock you out if enabled unintentionally.
- Test offline/sandbox: run scripts/test-tradr.py and exercise tradr-enter.py against a dry-run or non-production configuration before enabling the systemd service.
- Audit filesystem and permissions: tradr writes workspace files (positions, trade log). Confirm their locations and permission expectations to avoid exposing sensitive data.
If you are comfortable with these points and trust the Bankr skill (or have audited bankr.sh), tradr appears coherent for its stated purpose. If you cannot audit Bankr or do not want an autonomous systemd service that can trigger trades, do not enable the service system-wide and avoid populating secrets/configs until you have reviewed the code.
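Two of the items above, protecting the notification secrets and auditing workspace permissions, can be enforced with a pre-flight script run before the exit-manager service is enabled. The script below is an added example, not tradr's code and not part of the scan: the variable names TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID are assumed (the page gives only the TELEGRAM_ prefix), and the workspace layout is whatever path you pass in. Sourcing a secrets file executes it as shell, so the ownership and mode checks are what make the load step safe.

```shell
#!/usr/bin/env sh
# Deployment pre-flight for a tradr-style bundle.
# Added example, not from tradr: before enabling the exit-manager service,
# confirm that the files holding secrets or trade state are private to the
# user the service runs as, and only then load the notification secrets.
# TELEGRAM_BOT_TOKEN / TELEGRAM_CHAT_ID are assumed names; the page only
# states that the hook reads TELEGRAM_* variables.

# Succeeds only if PATH is a regular file or directory (not a symlink),
# owned by the current user, with no group/other permission bits (0600/0700).
require_private_path() {
    p=$1
    if [ -L "$p" ] || { [ ! -f "$p" ] && [ ! -d "$p" ]; }; then
        echo "reject $p: missing, or a symlink" >&2; return 1
    fi
    # ls -ldn prints numeric owner/group and is portable across GNU and BSD,
    # unlike stat's flags. Positional params are local to this function.
    set -- $(ls -ldn -- "$p")
    mode=$(printf '%.10s' "$1")        # e.g. -rw------- or drwx------ (drops ACL '+')
    owner=$3
    if [ "$owner" != "$(id -u)" ]; then
        echo "reject $p: owned by uid $owner, expected $(id -u)" >&2; return 1
    fi
    case $mode in
        ????------) return 0 ;;          # group and other bits all clear
        *) echo "reject $p: mode $mode grants group/other access" >&2; return 1 ;;
    esac
}

# Source the secrets file only after require_private_path accepts it, then
# insist the variables the notify hook will use are actually set, so the
# service fails closed instead of silently sending to nothing.
load_secrets_file() {
    require_private_path "$1" || return 1
    . "$1"
    for v in TELEGRAM_BOT_TOKEN TELEGRAM_CHAT_ID; do   # assumed names
        eval "val=\${$v:-}"
        if [ -z "$val" ]; then
            echo "reject $1: $v not set after sourcing" >&2; return 1
        fi
    done
}

# preflight <workspace-dir> <secrets-file>: checks the workspace directory and
# every file in it (positions, trade log, whatever the bundle writes there),
# then loads the secrets. Returns non-zero on the first failure.
preflight() {
    workspace=$1
    secrets=$2
    require_private_path "$workspace" || return 1
    for f in "$workspace"/*; do
        [ -e "$f" ] || continue            # empty directory: glob is literal
        require_private_path "$f" || return 1
    done
    load_secrets_file "$secrets"
}
```

Run it as the same user that the exit-manager unit will run as; if you installed with setup.sh --user that is simply you, which is another reason to prefer the user unit for a first deployment.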


latest: vk97e4nh4bkzj4bbgac12rzm1dn813b0c
