aiusd-core
Warn
Audited by ClawScan on May 18, 2026.
Overview
This is a high-impact financial trading skill that delegates wallet, token, and trading actions to an unpinned npm CLI, and the submitted artifacts provide limited reviewed code and limited credential-boundary detail.
Install only if you trust the aiusd-core npm package and are comfortable letting it control a trading account. Use a dedicated low-balance wallet, verify the package and credential storage, and insist on explicit confirmation for every trade, withdrawal, staking action, leverage order, or automated monitor.
Findings (4)
This is an artifact-based, informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
A changed or compromised npm package could affect trades, wallet login, withdrawals, or account operations.
All high-impact financial actions depend on code resolved from npm at runtime, while the submitted skill contains no reviewed implementation or pinned package version.
Evidence from the skill artifacts:
    All commands in this skill use `npx -y aiusd-core` as the CLI prefix. This works without any global installation — npx resolves the package from npm automatically.
Recommendation: Only use this with a verified npm package and a dedicated low-balance account; prefer a pinned, audited version and review npm provenance before authorizing trades or wallet actions.

Finding 2
The agent may perform follow-up deposits, funding steps, or order-related actions based on tool output rather than pausing for the user to review exact amounts and destinations.
For a tool that places trades and moves funds, letting CLI-returned next steps drive follow-up actions without a fresh confirmation creates an approval-boundary risk.
Evidence from the skill artifacts:
    When a command returns `action_required` with `next_steps`, execute those steps directly. The user has already confirmed the intent — do not ask again unless the next step involves a different action than what was originally requested.
Recommendation: Require explicit user confirmation for every fund movement, order placement, leverage change, withdrawal, staking action, or auto-funding step, even when returned as a next step.

Finding 3
The CLI may receive authority over a wallet or trading account, and mishandling the token or mnemonic could expose funds or account access.
The skill uses stored login tokens and can restore from a mnemonic backup, but the registry declares no primary credential and the artifacts do not describe storage location, scope, retention, or protection.
Evidence from the skill artifacts:
    `npx -y aiusd-core login --poll-session <session_id>`. This blocks until the user signs in, then saves the token and exits with "Login successful". ... `npx -y aiusd-core login --restore <path>`.
Recommendation: Use a separate wallet with limited funds, avoid restoring a high-value mnemonic, and verify where the CLI stores credentials before logging in.

Finding 4
After setup, the system may automatically buy tokens when a monitored signal triggers.
The monitor feature intentionally creates ongoing conditional auto-trading behavior; it is disclosed, budgeted, and has list/cancel commands, but users should understand it can act later without another prompt.
Evidence from the skill artifacts:
    Watches an X account for bullish signals. When triggered, auto-buys the mentioned token with the budget.
Recommendation: Set small budgets, use stop-loss/take-profit limits where available, regularly list active monitors, and cancel monitors that are no longer needed.
