ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alpaca Trading

v2.1.0

Trade stocks, ETFs, options, and crypto via Alpaca's REST API using curl. Full options support (buy/sell calls & puts, covered calls, cash-secured puts, spre...

2· 2.1k·15 current·16 all-time
by@lacymorrow
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The SKILL.md, README, references, and scripts/alpaca.sh consistently implement an Alpaca REST API wrapper for trading and market data. The requested capabilities (orders, positions, market data, options) match the stated purpose.
Instruction Scope
The runtime instructions are narrowly scoped to calling Alpaca endpoints via the included scripts/alpaca.sh wrapper and to sourcing the script from the skill directory. The script requires APCA_API_KEY_ID and APCA_API_SECRET_KEY and uses them only in HTTP headers to call Alpaca endpoints (expected for a trading integration). There are no instructions to read unrelated system files or exfiltrate data to third-party endpoints.
Install Mechanism
No install spec; the skill is instruction-only plus a small shell script included in the bundle. No downloads or archive extraction are present. This is low risk from installation mechanics.
!
Credentials
The SKILL.md and scripts require Alpaca API keys (APCA_API_KEY_ID and APCA_API_SECRET_KEY) and expect curl and optionally jq/python. However the registry metadata lists 'required env vars: none' and 'required binaries: none' — this mismatch is suspicious. Requesting Alpaca API keys is proportionate for trading functionality, but the developer registry should have declared these credentials. Additionally the skill can place live trades if APCA_API_BASE_URL is set to the live endpoint; the manifest notes paper by default but source is unknown. Use of full trading credentials carries high risk if the skill is untrusted.
Persistence & Privilege
always:false and default autonomous invocation settings are normal. The skill does not request system-wide configuration or modify other skills. However autonomous invocation combined with trading credentials means the agent could place orders without additional manual steps if not properly gated by the platform — consider limiting invocation or using only paper keys.
What to consider before installing
This skill is functionally coherent: it contains a small shell wrapper that uses your Alpaca API key and secret to call Alpaca endpoints. However the registry metadata incorrectly omits the required environment variables and required binaries (curl/jq), and the source/homepage is not clearly provided — both are red flags you should consider before installing. If you decide to proceed: - Only provide paper/trading-sandbox API keys (not your live production keys) until you trust the author. Rotate keys afterward. - Confirm how your agent is allowed to invoke skills (disable autonomous invocation or require explicit user confirmation for order-placement flows if possible). - Verify the skill's source (the README references a GitHub repo; review that repository to confirm authorship and check for tampering). - Ensure you understand that the included script will send your API keys in request headers to Alpaca endpoints (expected) and that granting those keys grants the skill the ability to place/cancel orders and access account data. If you need higher assurance, request the maintainer add the env vars and required binaries to the registry metadata and provide a verifiable homepage/source before using live funds.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fm2htymyeh1azp9wdbkyz15832pkf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments