Base Trader
Security checks across malware telemetry and agentic risk
Overview
This skill is openly intended for crypto trading, but it can direct autonomous buys and sells through a Bankr wallet, its wallet/config access is under-declared, and the artifacts show no hard per-trade approval guardrails.
Only install or use this with a dedicated low-balance trading wallet, review the separate Bankr skill first, require manual confirmation for every trade, and do not enable cron or heartbeat automation until you have verified hard spending limits, stop conditions, and a way to cancel active orders.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled or invoked too broadly, the agent could place trades or orders that lose money or change the user's portfolio without a fresh manual review.
The skill instructs autonomous execution of Bankr trade commands that can spend or sell crypto assets. The artifacts do not show a hard approval step before each trade.
When running autonomously (via cron or heartbeat):
...
# Execute trade
~/clawd/skills/bankr/scripts/bankr.sh "Buy $25 of TOKEN on Base"
Use a separate low-balance wallet, require explicit confirmation for every buy/sell/order, and set Bankr-side spending and trading limits before using this skill.
Users may not realize installation or invocation depends on wallet/account authority capable of moving funds.
The skill relies on a local Bankr configuration and wallet funds to perform trades, but the registry metadata declares no primary credential and no required config paths.
- Bankr API configured at `~/.clawdbot/skills/bankr/config.json`
- ETH in your Bankr wallet for gas and trading
Declare the Bankr wallet/config dependency clearly, document the exact permissions needed, and avoid using a wallet that holds more funds than the user is willing to risk.
A user could over-trust the stated safety controls even though they appear to be instruction-level guidance rather than enforced technical limits.
The README presents automatic safety halts, but the included code only checks portfolio and logs trades; no hard enforcement mechanism for these limits is shown.
Emergency Stops
Trading halts automatically if:
- Daily loss exceeds 20%
- 3 consecutive losing trades
- Portfolio down 30% from peak
Treat the loss limits as advisory unless Bankr or another system enforces them; verify any automated halt behavior before allowing autonomous trading.
If the user enables the schedule, trading checks or actions may occur without the user actively prompting each step.
The skill documents scheduled autonomous operation. No cron job is installed by the artifacts, but the documented mode could keep trading-related activity running after initial setup.
## Autonomous Trading Mode
When running autonomously (via cron or heartbeat):
### Morning Scan (9 AM)
...
### Midday Check (1 PM)
...
### Evening Review (6 PM)
Do not enable cron/heartbeat operation unless you understand the schedule, spending caps, cancellation process, and notification behavior.
The safety of this skill depends partly on the separate Bankr skill/script and its configuration.
The package calls an external Bankr script that is not included in this skill's manifest, so its behavior and provenance are outside this review.
BANKR_SCRIPT="$HOME/clawd/skills/bankr/scripts/bankr.sh"
...
"$BANKR_SCRIPT" "Show my complete portfolio on Base"
Install Bankr only from a trusted source and review its permissions before using this trading skill.
Anyone with access to the skill directory may be able to see trade history and performance information.
The skill stores a persistent local trade journal and performance data, which is purpose-aligned but may reveal financial activity.
Log every trade to `data/trades.json` ... After each trade, update the journal. Review weekly for pattern analysis.
Keep the skill directory private and avoid logging sensitive wallet details beyond what is needed for tracking.
