TradingView Signal Parser
v1.0.1Parse TradingView signals from text or URLs to extract trade details and calculate risk/reward ratios for structured trade analysis.
⭐ 0· 328·0 current·0 all-time
by@sanuei
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code implements parsing and risk/reward calculation matching the description. However, the skill also performs an upfront billing call to an external SkillPay API — that billing behavior is consistent with the listed price but is a side-effect beyond pure parsing (expected for a paid skill) and is exposed directly in the source.
Instruction Scope
SKILL.md shows how to call the skill and advertises price and SkillPay integration. The runtime handler enforces a pre-charge using context.user_id and the SkillPay API before parsing; it does not read files or unrelated env vars. The scope is limited to parsing and billing, but billing requires sending the agent's user_id to an external endpoint.
Install Mechanism
No install spec; standard Node dependency (axios) is used and listed in package.json/lock. Nothing is downloaded from arbitrary URLs or executed from extracted archives.
Credentials
No environment variables are declared, yet a private API key (sk_...) for SkillPay is hard-coded in both SKILL.md and index.js. Embedding a secret in source is poor practice and increases risk (exposed credential, inability for deployers to rotate). The skill also transmits user_id and billing info to skillpay.me — requests of user identity and network access are only partially documented.
Persistence & Privilege
Skill does not request persistent/always-on privilege, does not modify other skills or system config, and uses only its own runtime behavior. Autonomous invocation is allowed (platform default) but not combined with other high privileges.
What to consider before installing
This skill parses TradingView-style text as advertised, but it charges users before running: it makes an HTTP POST to https://skillpay.me/api/v1/billing and the author embedded a SkillPay API key directly in the code and SKILL.md. Before installing, consider: (1) Do you trust the skill author and SkillPay.me? (2) Embedded API keys in published code are risky — the key may be stolen or abused; ask the author to use an environment variable or the marketplace's secure billing integration. (3) The skill sends context.user_id to an external billing endpoint — if you care about privacy, verify what user_id value your agent provides and whether you consent to that transmission. (4) If you don't want automatic charges, avoid enabling this skill or require a review of billing behavior. If possible, request the author remove hard-coded credentials and document precisely what billing data is transmitted.Like a lobster shell, security has layers — review code before you run it.
analysislatestsignaltrading
TradingView Signal Parser Skill
Description
Parse and analyze TradingView signals. Extract trading ideas from TradingView links or text, and provide structured analysis including entry price, stop loss, take profit, and risk/reward ratio.
Usage
const result = await callSkill('tradingview-signal', {
signal: "BTCUSD long from 42000, stop loss 40000, target 45000",
// OR a TradingView URL
url: "https://www.tradingview.com/chart/..."
});
Features
- Parse TradingView signal text
- Extract: symbol, direction (long/short), entry, stop loss, take profit
- Calculate risk/reward ratio
- Provide trade analysis
Price
0.001 USDT per request (paid via SkillPay)
Integration
- Billing: SkillPay.me
- API Key: sk_4312778b58aa7c81c15bd0e2b4fe544e12ca9e765f0deab630a50ecd4daf4ac2
Comments
Loading comments...