Crypto Backtest
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these packages gives dependency code access inside the Python environment where the command is run.
The skill asks users to install unpinned third-party Python packages. This is expected for a ccxt-based market data tool, but users still rely on package registry provenance.
pip install ccxt numpy
Install in a virtual environment, verify package names, and consider pinning known-good versions before use.
The selected exchange may receive the requested symbol, timeframe, and network metadata such as IP address.
The engine contacts a user-selected ccxt exchange to fetch OHLCV market data. This is purpose-aligned and the visible code shows a read-only market-data call rather than trading actions.
exchange = exchange_class({"enableRateLimit": True, "options": {"defaultType": "swap"}})
candles = exchange.fetch_ohlcv(symbol, timeframe, limit=limit)Use trusted exchanges and avoid assuming the backtest is private from the market-data provider.