Orderly Ui Components

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If copied into a real application, this pattern could submit real trades through the connected trading workflow.

Why it was flagged

The sample wires the OrderEntry component to submit trading orders. This is central to the skill's trading-UI purpose, but order submission is a high-impact financial action.

Skill content

await onSubmit(params); console.log('Order submitted');

Recommendation

Use explicit user confirmation, validation, risk limits, and clear error handling before enabling real order submission.

What this means

A user may connect a wallet that can authorize trading or account actions in the resulting app.

Why it was flagged

The examples include connecting a user's crypto wallet/account. This is expected for a decentralized trading interface, but it involves sensitive account authority.

Skill content

<WalletConnect /> ... onClick={() => wallet.connect()}

Recommendation

Make wallet connection explicit, show the connected address and network, and require normal wallet/provider confirmations for sensitive actions.

What this means

The resulting project will depend on external packages that may change over time if versions are not pinned.

Why it was flagged

The documentation instructs users to install external npm packages without pinned versions. This is a normal setup step for the stated purpose, but package provenance and versioning still matter.

Skill content

npm install @orderly.network/react @orderly.network/hooks @orderly.network/types

Recommendation

Verify the package source, pin reviewed versions in your project lockfile, and review dependency updates before deploying.