ClawHub

Beta TA Paper Executor

v1.0.0

Execute and track paper trades from TA setups with JSONL ledger, open/close workflow, and mark-to-market status.

0· 47·0 current·0 all-time
by@1477009639zw-blip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the provided script and SKILL.md: the tool implements a local paper-trade ledger (place/close/status) and does not require unrelated credentials, binaries, or external services.
Instruction Scope
The SKILL.md instructs running the included Python script which writes an append-only JSONL ledger under ~/.openclaw by default — this is expected for a paper-trader. Notes: the ledger path is configurable via --ledger (so callers can write to arbitrary paths if they supply them), and there is no file locking or concurrency protection (race conditions and duplicate IDs possible if run concurrently).
Install Mechanism
Instruction-only skill with no install spec and no external downloads; uses the local Python runtime (python3) which is appropriate and proportional.
Credentials
No environment variables, credentials, or unrelated config paths are requested. The script only uses the user's home directory to store the ledger by default.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence. It writes only to a per-user ledger path by default; autonomous model invocation is allowed by platform default but is not unusual or flagged here.
Assessment
This skill appears to do what it claims: manage a local, append-only JSONL paper-trading ledger. Before installing or running: (1) review or run the included script locally in a safe directory so you control the ledger path (it defaults to ~/.openclaw/...); (2) avoid passing a ledger path that points to sensitive system files (the script will attempt to create directories and append to whatever file you give it); (3) be aware there is no file locking — running multiple instances concurrently can produce duplicate IDs or race conditions; (4) there is no network activity or credential access in the code, which reduces exfiltration risk. If you want stronger safety, consider adding file-locking or atomic write semantics, validate/normalize ledger paths, and run the script under a dedicated user or container.

Like a lobster shell, security has layers — review code before you run it.

backtestingvk972cry22g3w295k3r3ct5vnah83rgs8executionvk972cry22g3w295k3r3ct5vnah83rgs8latestvk972cry22g3w295k3r3ct5vnah83rgs8ledgervk972cry22g3w295k3r3ct5vnah83rgs8paper-tradingvk972cry22g3w295k3r3ct5vnah83rgs8tradingvk972cry22g3w295k3r3ct5vnah83rgs8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments