Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Crypto Trading

v1.0.0

Automatically executes trading decisions every 10 minutes using dual AI analysis, technical indicators, and strict risk and position management rules for BTC...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The description promises automated trading and market order execution, but the skill declares no exchange integration, no API keys, and no code files. A legitimate trading skill would normally require exchange API credentials and concrete connector code. The SKILL.md lists many project .py files yet none are provided in the package.
Instruction Scope (flagged)
Runtime instructions tell the agent to fetch market data, call Dify AI and OpenClaw, compute orders (order_amount.py), execute market orders, and write logs to specific user paths (/Users/...). These instructions reference local project files and user home paths that are not part of the skill and do not declare the external endpoints, credentials, or scheduling mechanism. The guidance is both vague (no API endpoints or auth) and expansive (filesystem writes, executing trades).
Install Mechanism
There is no install spec (instruction-only), which is low risk in isolation. However, because SKILL.md expects local project files and executables, the lack of an install or bundled code makes the skill incomplete and increases the chance that an agent will attempt unsafe actions (searching for files, invoking local scripts) to satisfy the instructions.
Credentials (flagged)
The skill declares no required environment variables or primary credential, yet its operation would reasonably require sensitive secrets (exchange API keys/secret, API keys for Dify/OpenClaw/qwen). The absence of declared credentials is a mismatch — either the skill omitted required sensitive inputs, or it expects to read unspecified local credentials/configs (the SKILL.md references user config paths). Both are disproportionate and unexplained.
Persistence & Privilege
always:false (not force-included) and autonomous invocation enabled (default). Autonomous invocation plus the ability to execute trades would increase blast radius if the skill were given credentials, but autonomous invocation alone is normal. Still, combining autonomous operation with the trading actions described would be high-risk — confirm explicit user consent and credential scoping before use.
What to consider before installing
Do not install or grant credentials yet. This skill is incomplete and inconsistent: it references local Python files and user directories that are not provided, and it describes executing live market orders while declaring no exchange/API credentials or endpoints. Before proceeding, ask the author to: (1) provide the missing code or a clear install procedure, (2) list exactly which exchange(s) are supported and how API keys should be supplied and scoped, (3) show how Dify/OpenClaw are called (endpoints, required keys), (4) remove or explain hard-coded local file paths and confirm where logs and state will be stored, (5) provide a way to run in read-only/simulated mode for testing, and (6) supply a security review or provenance for the code. If you must test, do so only in a tightly sandboxed environment with no real exchange credentials (use paper/simulated accounts) and only after reviewing the actual code that will be executed.
