Orderly Ui Components
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: orderly-ui-components Version: 1.0.0 The skill bundle provides legitimate documentation and React code examples for building trading interfaces using the Orderly Network UI components (@orderly.network/react). The content consists entirely of standard frontend development patterns, provider setups, and component usage examples without any signs of malicious intent, data exfiltration, or suspicious execution logic.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If copied into a real application, this pattern could submit real trades through the connected trading workflow.
The sample wires the OrderEntry component to submit trading orders. This is central to the skill's trading-UI purpose, but order submission is a high-impact financial action.
await onSubmit(params); console.log('Order submitted');Use explicit user confirmation, validation, risk limits, and clear error handling before enabling real order submission.
A user may connect a wallet that can authorize trading or account actions in the resulting app.
The examples include connecting a user's crypto wallet/account. This is expected for a decentralized trading interface, but it involves sensitive account authority.
<WalletConnect /> ... onClick={() => wallet.connect()}Make wallet connection explicit, show the connected address and network, and require normal wallet/provider confirmations for sensitive actions.
The resulting project will depend on external packages that may change over time if versions are not pinned.
The documentation instructs users to install external npm packages without pinned versions. This is a normal setup step for the stated purpose, but package provenance and versioning still matter.
npm install @orderly.network/react @orderly.network/hooks @orderly.network/types
Verify the package source, pin reviewed versions in your project lockfile, and review dependency updates before deploying.