Upbit Trading Skill
Suspicious. Audited by ClawScan on May 10, 2026.
Overview
This crypto trading skill is not clearly bounded: it uses Upbit account keys and repeatedly executes an unreviewed shell helper outside the skill package.
Review carefully before installing or running. If you test it, use a separate Upbit API key with the minimum permissions possible, preferably read-only, and do not provide trading permissions unless the code is revised and fully understood. Also verify or remove the external ../zai/ask.sh dependency, because it is not included in the reviewed package.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Starting the bot may run code that was not included in the reviewed package, and malformed local data could potentially affect the shell command.
Running the bot executes a shell command that invokes a script outside the provided skill directory. The command is built as a single shell string, and the only escaping applied is to double quotes in the prompt, so if local position data or paths are manipulated there is a higher risk of unexpected shell behavior.
const result = execSync(
  `cd ${__dirname}/../zai && ./ask.sh "${prompt.replace(/\"/g, '\\\\"')}" glm-4.7`,

Do not run this until the GLM integration is implemented as a reviewed, included dependency or a direct API call using safe argument passing such as spawn/execFile, with clear input validation.
The skill may fail or may execute whatever local script happens to exist at that relative path.
The skill depends on a helper located outside the supplied manifest. The artifact set also has no install spec, so the provenance and contents of this helper are not reviewable here.
cd ${__dirname}/../zai && ./ask.sh

Package and declare all runtime helpers and dependencies, or remove the external helper dependency before installation.
A user may provide exchange API keys without realizing the skill has authenticated access to their Upbit account data, and the artifacts do not clearly limit what permissions those keys should have.
The code reads Upbit financial account credentials and uses them to sign authenticated API requests, while the registry metadata declares no required environment variables or primary credential.
const ACCESS_KEY = process.env.UPBIT_ACCESS_KEY;
const SECRET_KEY = process.env.UPBIT_SECRET_KEY;
Require explicit credential declarations and instruct users to create least-privilege, read-only Upbit API keys unless trading permissions are truly needed and clearly controlled.
Users may rely on features or safety notifications that are not present in the reviewed artifacts, which is especially risky for a financial trading tool.
The documentation advertises Telegram notifications and an analyze.js file, but the provided manifest and source files do not include Telegram notification code or analyze.js.
- 📱 **Telegram notifications**: real-time event alerts ... - `analyze.js` - market analysis
Align the documentation with the shipped code and clearly state which trading, alerting, and analysis features are actually implemented.
Once started, it keeps running and making network/API/helper calls until the process is stopped.
The bot is intended to run continuously and perform repeated price checks and analysis until interrupted.
setInterval(mainLoop, CONFIG.priceCheckInterval);
Run it only in a controlled terminal/session and stop it explicitly when monitoring is no longer needed.
