v1.0.2

MoneySharks

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:31 AM.

Analysis

MoneySharks is clearly disclosed as an autonomous trading tool, but it can use your Aster API keys to trade real leveraged crypto futures continuously without per-trade approval.

Guidance: Install this only if you intentionally want an autonomous real-money leveraged futures trader. Start in paper or approval mode, use restricted API credentials, set conservative loss/exposure/leverage limits, verify cron is disabled until you are ready, and make sure you know how to halt it immediately.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
In `autonomous_live` mode: execute orders immediately — do NOT pause for per-trade human approval.

The skill directs immediate high-impact trading actions without per-trade approval once autonomous mode is enabled.

User impact: A bad signal, bad configuration, or unexpected market condition could result in real trades being opened or closed before the user reviews them.
Recommendation: Confirm that zero per-trade approval is truly desired; otherwise keep the skill in paper, approval, or live mode with human approval enabled.

Rogue Agents
Severity: Medium; Confidence: High; Status: Note
openclaw-cron-templates.json
"expr": "*/2 * * * *" ... "Run: `python3 /ABSOLUTE/PATH/TO/moneysharks/scripts/autonomous_runner.py /ABSOLUTE/PATH/TO/moneysharks/config.json`" ... "delivery": { "mode": "none" }

The cron template is disabled by default, but it shows the intended background loop that runs the autonomous trading script every two minutes, often silently.

User impact: Once cron jobs are enabled, the trading loop can continue operating in the background until halted or disabled.
Recommendation: Before enabling cron, verify the exact config path, mode, risk limits, alerting, and emergency halt procedure.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
metadata
Source: unknown; Homepage: none

The package provenance is not established in the provided metadata, which matters more for a skill that asks for financial trading credentials.

User impact: Users have less external provenance information to rely on before granting the skill trading access.
Recommendation: Verify the package origin and review the included scripts before providing API credentials or enabling autonomous live mode.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: High; Status: Concern
documentation-moneysharks.md
Once you complete a one-time onboarding — providing your Aster DEX API credentials... the agent trades continuously without requiring per-trade approval from you.

The skill requires delegated account credentials and uses them for continuous live trading, which is high-impact financial authority even though it matches the stated purpose.

User impact: If installed and onboarded for live mode, the skill can place, manage, and close real leveraged trades using the user's Aster account.
Recommendation: Use only a restricted trading API key, disable withdrawals if supported, start in paper or approval mode, set small hard limits, and monitor the account closely.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium; Confidence: High; Status: Note
documentation-moneysharks.md
`state.json` — live agent state: halt flags, daily loss, metrics, open positions; `trades.json` — complete journal of every decision and outcome

The skill stores persistent financial/account state and trade history that can influence future learning and trading decisions.

User impact: Local state files may reveal trading activity and account-related metrics, and tampering with them could affect future decisions.
Recommendation: Store the skill directory securely, restrict file permissions, back up state before changes, and review trades/state files periodically.