Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Perp Lobster

v1.0.7

Trade on Hyperliquid DEX with simple commands. Place market/limit orders on perps, or run automated bots (market making, grid trading) with a web dashboard.

by Vibetrade (@thisnewmark)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description match the instructions: this is a trading assistant for Hyperliquid that clones a public GitHub repo and runs its Python scripts to trade or run bots. The only mismatch is that the registry metadata declares no required env vars/credentials, while the SKILL.md instructs the user to populate perplobster/.env with HL_ACCOUNT_ADDRESS and HL_SECRET_KEY (a private key). This is coherent for the stated purpose but the metadata omission is noteworthy.
Instruction Scope
SKILL.md instructs the agent to run shell commands (git clone, source a virtualenv, run python scripts, start/stop bots). It also instructs the agent to cat setup.sh and other scripts and to get explicit user approval before executing setup scripts or placing trades. That is appropriate for this purpose, but giving the agent the ability to execute arbitrary repo scripts is powerful — the skill mitigates this by requiring user confirmation and showing scripts before execution.
Install Mechanism
No formal install spec in the registry, but the instructions ask to run the project's setup.sh which will create a venv and install dependencies (likely from PyPI). This is expected for installing a Python project, but it means code and packages will be downloaded and executed locally — review setup.sh and requirements before running.
Credentials (flagged)
The skill runtime expects a local .env containing HL_ACCOUNT_ADDRESS and HL_SECRET_KEY (private key), yet the registry metadata lists no required environment variables or primary credential. The SKILL.md explicitly forbids asking users to paste private keys into chat and forbids the agent from reading .env, which is good practice; however, the mismatch between declared metadata and instructions could lead users to overlook the sensitive local credential requirement. Also, running the provided scripts gives those scripts access to the private key on disk — that's necessary for trading but high-sensitivity and should be scoped to a limited/subaccount wallet.
Persistence & Privilege
The skill is not force-enabled (always:false) and is user-invocable. It does not request persistent platform privileges or attempt to modify other skills. Autonomous invocation is allowed by default, which is not unusual; note, however, that per SKILL.md the skill places trades only after user confirmation.
Assessment
What to consider before installing/using Perp Lobster:

- This skill will clone and run code from https://github.com/ThisNewMark/perplobster and asks you to run its setup.sh (which installs packages). Do not run setup.sh without reviewing its contents.
- The project requires you to put a private key (HL_SECRET_KEY) into perplobster/.env on your machine. The skill states it will not ask you to paste keys into chat and will not read the .env file; however, the project scripts will access that file when they run. Use an account/subaccount with minimal funds and limited permissions.
- Before approving any script execution, inspect the scripts referenced (setup.sh, scripts/trade.py, start.sh, approve_builder_fee.py). The SKILL.md recommends doing this (cat file) — follow that guidance every time.
- Prefer running the code in an isolated environment (VM or container) and not on a machine with other sensitive keys or tokens. Consider creating a new wallet/subaccount specifically for bots.
- Verify the GitHub repo: check commit history, contributors, and issues to confirm it is the expected project and not a typo-squatted/malicious fork.
- If you want stronger safety, avoid enabling autonomous invocation for this skill (require user confirmation for all actions) and do not store high-value keys on the same host.
- The registry metadata does not declare the required local .env keys; treat that as a documentation gap and do not assume the skill has no credential needs.

Like a lobster shell, security has layers — review code before you run it.



Runtime requirements: 🦞 Clawdis