Standx Cli
Warn
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a genuine StandX trading helper, but it gives the agent financially sensitive trading authority without clear approval guardrails.
Review this carefully before installing. It is not clearly malicious, but it can operate a crypto trading account. Use read-only actions unless you intentionally want trading enabled, keep credentials tightly controlled, and require explicit confirmation for any order, cancel-all, leverage, or margin command.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent invokes these commands incorrectly or too broadly, it could place trades, cancel orders, or change leverage on the user's exchange account, potentially causing financial loss.
These commands can create or cancel trading orders and change leverage. The same documentation mentions dry-run as an option, but does not require user confirmation or dry-run before real financially impactful actions.
standx order create BTC-USD buy limit --qty 0.01 --price 60000 ... standx order cancel-all BTC-USD ... standx leverage set BTC-USD 10
Only install if you are comfortable with agent-assisted trading. Require explicit confirmation for order creation, cancel-all, leverage, and margin changes, and prefer dry-run mode before executing real trades.
Anyone or any process with access to these credentials may be able to read account information or authorize trading actions, depending on StandX permissions.
The skill explicitly uses a StandX JWT and optional private key. This is consistent with the trading purpose, but these credentials grant sensitive account and trading authority.
"primaryCredential": { "kind": "env", "env": "STANDX_JWT" } ... "STANDX_PRIVATE_KEY", "description": "Ed25519 private key (Base58) for trading operations", "sensitive": true
Use the least-privileged StandX credentials available, keep them out of chat messages and shell history, rotate them regularly, and remove them when not using the skill.
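One way to act on the first two findings, as an added example that is not part of the StandX CLI skill or of the ClawScan report: a small wrapper placed in front of `standx` that lets read-only queries through, requires a per-invocation approval typed on the controlling terminal before any order, cancel-all, leverage or margin command reaches the live account, and refuses to run if a JWT or private key is passed as an argument instead of through the environment. The subcommand names `order create`, `order cancel-all` and `leverage set` come from the report's evidence; the read-only action names, the `margin` group and the `ask_tty` prompt wording are assumptions, and the existence and spelling of a dry-run flag should be checked with `standx --help` before relying on it.

```shell
#!/usr/bin/env bash
# standx-guard: added example (not part of the StandX CLI or of the ClawScan
# report). Gates financially impactful subcommands behind a per-invocation
# human approval and keeps credentials out of argv.
# Assumptions: read-only action names, the "margin" group, and the prompt text.
set -eu

# classify_standx GROUP ACTION -> prints "read" or "write".
# Unknown groups or actions are "write" so a new or misspelled command
# fails closed instead of slipping past the guard.
classify_standx() {
  local group="${1:-}" action="${2:-}"
  case "$group" in
    order)
      case "$action" in
        list|get|history) echo read ;;   # assumed read-only action names
        *) echo write ;;                  # create, cancel, cancel-all, ...
      esac ;;
    leverage|margin)
      case "$action" in
        get|show) echo read ;;            # assumed read-only action names
        *) echo write ;;                  # set, add, remove, ...
      esac ;;
    account|balance|position|positions|market|ticker|help|version) echo read ;;
    *) echo write ;;
  esac
}

# has_inline_secret ARGS... -> 0 if any argument looks like a JWT (three
# base64url segments) or a Base58 string long enough to be the Ed25519 key.
# Credentials belong in STANDX_JWT / STANDX_PRIVATE_KEY, never on the command
# line where they land in shell history and process listings.
has_inline_secret() {
  local a
  for a in "$@"; do
    if printf '%s' "$a" | grep -Eq '^[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}$'; then
      return 0
    fi
    if printf '%s' "$a" | grep -Eq '^[1-9A-HJ-NP-Za-km-z]{40,}$'; then
      return 0
    fi
  done
  return 1
}

# authorize_standx KIND ANSWER -> 0 to allow, 1 to deny.
# Reads are always allowed. Writes need the literal answer "YES"; an empty
# answer, "y" or "yes" denies, so a scripted default can never approve.
authorize_standx() {
  local kind="$1" answer="${2:-}"
  [ "$kind" = read ] && return 0
  [ "$answer" = YES ]
}

# ask_tty PROMPT -> prints the line typed on the controlling terminal.
# Reading /dev/tty rather than stdin means an agent that owns the wrapper's
# stdin cannot supply the approval itself; with no terminal the answer is
# empty and the write is denied.
ask_tty() {
  local ans=""
  if [ -r /dev/tty ] && [ -w /dev/tty ]; then
    printf '%s' "$1" > /dev/tty
    IFS= read -r ans < /dev/tty || ans=""
  fi
  printf '%s\n' "$ans"
}

# standx_guard ARGS... -> refuses inline secrets, asks for approval on writes,
# then replaces itself with the real CLI.
standx_guard() {
  if has_inline_secret "$@"; then
    echo "standx-guard: refusing: a credential was passed as an argument" >&2
    return 2
  fi
  local kind answer=""
  kind=$(classify_standx "${1:-}" "${2:-}")
  if [ "$kind" = write ]; then
    answer=$(ask_tty "standx-guard: run \"standx $*\" against the LIVE account? type YES: ")
  fi
  if ! authorize_standx "$kind" "$answer"; then
    echo "standx-guard: denied: standx $*" >&2
    return 1
  fi
  exec standx "$@"
}

# Dispatch only when invoked with arguments, so sourcing the file just
# defines the functions.
if [ "$#" -gt 0 ]; then
  standx_guard "$@"
fi
```

Point the agent at the wrapper (for example by installing it as `standx` earlier in PATH than the real binary) so that `standx order create BTC-USD buy limit --qty 0.01 --price 60000` prompts on the operator's terminal while `standx position list` runs untouched.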
A compromised or incorrect release binary could run with the user's privileges and then handle trading credentials.
The install script downloads a prebuilt binary with curl and moves it into /usr/local/bin with sudo, but the artifact shows no checksum or signature verification. This is a common CLI install pattern, but it means users must trust both the release source and the integrity of the download.
curl -L -o /tmp/standx.tar.gz https://github.com/wjllance/standx-cli/releases/download/v0.3.5/... && tar -xzf /tmp/standx.tar.gz -C /tmp && sudo mv /tmp/standx /usr/local/bin/
Prefer a trusted package source, verify the GitHub repository and release checksums/signatures if available, and avoid running the direct sudo install path unless you trust the publisher.
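The verification step the install script is missing, as an added example that is not the skill's own install script: fetch the release asset and a publisher-supplied checksum list, refuse to install unless the SHA-256 matches, and install into a per-user directory instead of moving an unverified file into /usr/local/bin with sudo. The release base URL is the one in the report's evidence; the asset name, the checksum file name (`checksums.txt`) and the `~/.local/bin` destination are assumptions, because the original install line is truncated and the page does not say what the publisher ships.

```shell
#!/usr/bin/env bash
# Added example (not the skill's install script): install a StandX CLI release
# only after its SHA-256 matches a checksum published with the release.
# Assumptions: asset name, checksum file name, and destination directory.
set -eu

# sha256_of FILE -> prints the hex digest using whichever tool is present.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# verify_sha256 FILE EXPECTED -> 0 if the digest matches, 1 otherwise.
# An empty EXPECTED never matches, so a missing checksum entry fails closed.
# Comparison is case-insensitive because checksum files vary in case.
verify_sha256() {
  local actual expected
  actual=$(sha256_of "$1" | tr 'A-F' 'a-f')
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -n "$expected" ] && [ "$actual" = "$expected" ]
}

# expected_from_sums SUMSFILE NAME -> prints the digest recorded for NAME in a
# "<hex>  <name>" list (the format sha256sum/shasum emit; "*name" marks
# binary mode), or nothing if NAME is absent.
expected_from_sums() {
  awk -v name="$2" '$2 == name || $2 == "*" name { print $1; exit }' "$1"
}

# install_standx_verified VERSION ASSET [DEST] -> downloads ASSET and the
# checksum list from the release, verifies, extracts, and installs the
# "standx" binary into DEST (default ~/.local/bin, so no sudo is needed).
install_standx_verified() {
  local version="$1" asset="$2" dest="${3:-$HOME/.local/bin}"
  local base="https://github.com/wjllance/standx-cli/releases/download/$version"
  local sums="checksums.txt"   # assumed name; use whatever the release publishes
  local tmp expected
  tmp=$(mktemp -d)
  # --fail: a 404 page must not be saved and treated as the tarball.
  curl -fsSL -o "$tmp/$asset" "$base/$asset"
  if ! curl -fsSL -o "$tmp/$sums" "$base/$sums"; then
    echo "no checksum file published for $version; refusing to install an unverified binary" >&2
    rm -rf "$tmp"
    return 1
  fi
  expected=$(expected_from_sums "$tmp/$sums" "$asset")
  if ! verify_sha256 "$tmp/$asset" "$expected"; then
    echo "checksum mismatch or missing entry for $asset; not installing" >&2
    rm -rf "$tmp"
    return 1
  fi
  tar -xzf "$tmp/$asset" -C "$tmp"
  mkdir -p "$dest"
  install -m 0755 "$tmp/standx" "$dest/standx"
  rm -rf "$tmp"
  echo "installed $dest/standx (sha256 $expected)"
}
```

Usage is `install_standx_verified v0.3.5 <asset-name>` after sourcing the file; if the release page publishes no checksum list at all, the function deliberately fails rather than falling back to an unverified install, and that is the moment to decide whether you trust the publisher enough to run the raw curl-and-sudo line from the skill.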
