Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
UnifAI Trading Suite
v1.0.0
AI-powered trading insights suite: prediction markets (Polymarket/Kalshi) and social sentiment signals powered by UnifAI.
by Zheng "Bruce" Li (@zbruceli)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Overall purpose (prediction-market + social signals) aligns with the included code (Kalshi, Polymarket, social-signals, trading agent). Requesting UnifAI + Google API keys is expected for LLM/toolkit-driven analysis. However, registry metadata (top-level manifest) lists no required env vars while the SKILL.md frontmatter and many scripts expect UnifAI/Google keys — and the names are inconsistent (SKILL.md mentions UNIFAI_API_KEY while most code checks for UNIFAI_AGENT_API_KEY / UNIFAI_TOOLKIT_API_KEY). This mismatch is incoherent and could cause accidental credential exposure or misconfiguration.
Instruction Scope
SKILL.md instructs running included CLI scripts that instantiate a TradingAgent and SocialSignalProcessor. The CLAUDE.md and code describe UnifAI dynamic tool discovery and list UnifAI tools that include trade execution (limitOrderBuy/Sell, marketOrder, and a sample execute_trade toolkit action). While the example CLI scripts in skills appear read-only, the agent/tooling layer can discover and call tool actions that place trades if appropriate toolkit credentials are present. The runtime instructions do not explicitly limit or disallow trade-execution capabilities or mention how to sandbox them, so there's scope for the agent to perform actions beyond passive analysis depending on which API keys / toolkit permissions you supply.
Install Mechanism
This is an instruction-only skill in the registry (no install spec). The repo includes code and a standard requirements/pyproject listing (unifai-sdk, litellm, google-generativeai, web3, etc.). No remote download/extract install steps were provided, so there is no high-risk external installer in the skill metadata. Still, installing the listed dependencies will pull networked packages.
Credentials
The code and documentation expect several API keys (UNIFAI_AGENT_API_KEY, UNIFAI_TOOLKIT_API_KEY, GOOGLE_API_KEY, POLYMARKET_API_KEY, ALCHEMY_API_KEY, etc.) per config/settings.py and README. The top-level registry metadata declared no required env vars, and SKILL.md frontmatter uses a different name (UNIFAI_API_KEY). This inconsistency increases the risk of accidentally supplying overly-privileged credentials. In particular, UnifAI toolkit/API keys and any web3/Alchemy keys could allow state-changing operations (trade execution, on-chain transactions) if the code invokes those capabilities — the project explicitly references action names like execute_trade and Polymarket/Kalshi order APIs in its documentation.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It does not declare any special install-time persistence behavior in the registry. Autonomous invocation (disable-model-invocation=false) is the platform default and not by itself a red flag; combine with other concerns when deciding.
What to consider before installing
What to check before installing or running this skill:
- Do not paste high-privilege or wallet/private-key secrets. The code and docs reference UnifAI toolkit actions and Polymarket/Kalshi trade APIs (including limit/market order actions), so supplying full trading credentials or private keys could enable the agent to execute trades.
- Verify which exact environment variable names the runtime uses. The SKILL.md frontmatter, individual skill SKILL.md files, and code are inconsistent (UNIFAI_API_KEY vs UNIFAI_AGENT_API_KEY vs UNIFAI_TOOLKIT_API_KEY). Only set the env vars the code explicitly checks for (search the repository for os.getenv usages) and prefer read-only API keys where possible.
- Inspect trading_agent.py and any UnifAI toolkit integration before running. Look for any methods that call execute/placement functions, web3 account signing, or call UnifAI tools that have order/trade actions. If you only want read-only analysis, ensure those execution paths are disabled or you provide restricted credentials.
- Run in a sandboxed environment (VM/container) and use ephemeral/restricted API keys. If you test, avoid using real funds or privileged keys; prefer read-only or limited-scope keys.
- Confirm provenance: the registry lists a GitHub homepage but owner info is unknown. Review the upstream repository (https://github.com/zbruceli/trading) and check commits, contributors, and issues to gain confidence.
- If you plan to trust this skill in production or for autonomous use, ask the maintainer for clear documentation about what operations are purely read-only versus which require toolkit keys and can perform stateful actions. Consider an audit of code paths that call external APIs, web3 signing, or UnifAI tool calls before enabling autonomous invocation.
Like a lobster shell, security has layers — review code before you run it.
