ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

pionex-market

v1.0.0

Use when the user asks for Pionex market data: price, ticker, order book depth, recent trades, symbol info (precision/min size), or OHLCV klines. All command...

0· 62·0 current·0 all-time
by@pibrandon

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for pibrandon/pionex-market.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "pionex-market" (pibrandon/pionex-market) from ClawHub.
Skill page: https://clawhub.ai/pibrandon/pionex-market
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pionex-market

ClawHub CLI

Package manager switcher

npx clawhub@latest install pionex-market
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared runtime behavior (read-only market queries via a CLI) matches the skill name and description. However, the SKILL.md includes a requires.install entry to install @pionex/pionex-ai-kit and a required binary pionex-trade-cli, while the registry metadata lists no required binaries or install spec. That mismatch is an incoherence the user should notice.
Instruction Scope
The SKILL.md is narrowly scoped to installing the pionex-trade-cli and running read-only market commands. It does not instruct reading unrelated files, environment variables, or sending data to unexpected endpoints. It does, however, instruct a global npm install which affects the host environment.
!
Install Mechanism
Installation is via an npm package (@pionex/pionex-ai-kit) called out in SKILL.md. npm installs are a common, plausible mechanism for providing a CLI, but the registry metadata contains no install spec (inconsistency). Because the skill is instruction-only and the package would be pulled from the public npm registry, you should verify the package name, publisher, and source repository before installing; arbitrary npm packages can contain malicious postinstall scripts or unexpected binaries.
Credentials
No environment variables, credentials, or config paths are requested. The skill claims market data is public and needs no API keys, which is proportionate for the stated purpose.
Persistence & Privilege
always is false and there are no flags requesting permanent presence or modifications to other skills. The skill does request installing a CLI (which creates binaries on the system) but does not request elevated privileges or autonomous always-on installation.
What to consider before installing
This skill is plausibly a straight-forward market-data helper, but there are a few red flags to check before installing: 1) SKILL.md requests installing @pionex/pionex-ai-kit (global npm install) while the registry metadata claims no install — ask the publisher why they differ. 2) Verify the npm package is the official Pionex package (check the package page, author/publisher, GitHub repo, and release history) and inspect its source or tarball for postinstall scripts or unexpected behavior. 3) Prefer installing in an isolated environment (container, VM, or non-global npm prefix) rather than globally. 4) If you need higher assurance, request a signed checksum or a link to an official Pionex repo/homepage matching the package. These steps will reduce risk and increase confidence that the skill is what it claims to be.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f6db0e1ekme769qmjjejxwx84y4am
62downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@pibrandon
latest
Download

Pionex Market Data CLI

Public market data for Pionex: order book depth, trades, tickers, symbol metadata, and OHLCV klines. All commands are read-only and do not require API credentials.
API reference: Pionex API Docs.

Prerequisites

  1. Install pionex-trade-cli CLI (from @pionex/pionex-ai-kit): 
    npm install -g @pionex/pionex-ai-kit
  2. No credentials needed for market data.
  3. Verify: 
    pionex-trade-cli market tickers --symbol BTC_USDT

Skill Routing

  • For market data (depth, tickers, symbols, klines, trades) → use pionex-market (this skill).
  • For account balance → use pionex-portfolio.
  • For placing/cancelling orders → use pionex-trade.
  • For futures grid bot lifecycle → use pionex-bot.

Quickstart

# Order book depth (bids/asks)
pionex-trade-cli market depth BTC_USDT --limit 5

# Recent trades
pionex-trade-cli market trades BTC_USDT --limit 10

# Symbol metadata (precision, min size) — use before placing orders
pionex-trade-cli market symbols --symbols BTC_USDT

# 24h ticker(s)
pionex-trade-cli market tickers --symbol BTC_USDT
pionex-trade-cli market tickers --type SPOT

# Best bid/ask ticker(s)
pionex-trade-cli market book_tickers --symbol BTC_USDT
pionex-trade-cli market book_tickers --type PERP

# OHLCV klines (candlestick)
pionex-trade-cli market klines BTC_USDT 60M --limit 24
pionex-trade-cli market klines BTC_USDT 1D

Command Index

#CommandTypeDescription
1pionex-trade-cli market depth <symbol> [--limit <n>]READOrder book depth (bids/asks); limit 1–100, default 5
2pionex-trade-cli market trades <symbol> [--limit <n>]READRecent public trades; limit 1–100
3pionex-trade-cli market symbols [--symbols <list>] [--type SPOT|PERP]READSymbol metadata (precision, min size). Comma-separated symbols or type filter
4pionex-trade-cli market tickers [--symbol <s>] [--type SPOT|PERP]READ24h ticker(s): open, close, high, low, volume
5pionex-trade-cli market book_tickers [--symbol <s>] [--type SPOT|PERP]READBest bid/ask ticker(s) for one symbol or all symbols by type
6pionex-trade-cli market klines <symbol> <interval> [--endTime <ms>] [--limit <n>]READOHLCV klines. interval: 1M, 5M, 15M, 30M, 60M, 4H, 8H, 12H, 1D

Cross-Skill: Check price/symbol before order

Before placing an order, use this skill to get last price and symbol rules:

# 1. Current price / 24h range
pionex-trade-cli market tickers --symbol BTC_USDT

# 2. Min size / precision (avoid TRADE_AMOUNT_FILTER_DENIED)
pionex-trade-cli market symbols --symbols BTC_USDT

Then use pionex-trade to place the order (after checking balance with pionex-portfolio if needed).

Comments

Loading comments...