Alpaca Py Cli
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If live Alpaca keys are configured, an agent mistake or ambiguous request could place real trades or cause financial loss.
The skill gives an agent live-capable order execution authority. The artifacts do not show clear per-order human confirmation, spend limits, symbol limits, or paper-only enforcement.
"execute orders via natural language" ... "Live Trading (real money)" ... "Real money, real risk"
Keep paper mode enabled by default, require explicit human confirmation for every order with symbol/side/quantity/account mode, and enforce account-side limits before using live keys.
The agent could be exposed to trading credentials or account setup flows that the user expected to handle manually.
The setup instructions contemplate agent-assisted financial account registration and API-key acquisition, then saving those keys, while the boundaries for what the agent may see or handle are unclear.
"Use browser automation to complete registration steps automatically" ... "After obtaining keys via browser, call `alpaca auth` to save them"
Have the user perform registration and API-key generation manually where possible; if an agent assists, keep secrets out of transcripts, require explicit consent, and use paper or least-privilege keys.
The agent may run an unreviewed or unexpected `alpaca` executable from the user’s PATH or workspace.
The provided artifact set contains no code files, but setup expects a local alpaca executable. For a high-impact trading skill, the actual command behavior is not present for review.
"Use full path: ~/.openclaw/workspace/skills/alpaca-py-cli/scripts/alpaca, or add scripts directory to PATH"
Publish and review the CLI code or pin a trusted install source; before running commands, verify `which alpaca` and inspect the executable that will handle credentials and trades.
Users may underestimate how exposed their Alpaca API keys are once saved into shell startup files.
The documentation makes a reassuring claim that conflicts with its own warning that shell-access agents can read environment variables.
"Agents with shell access can read environment variables" ... "✅ Agent can't access keys directly"
Clarify that agents or processes with shell access may read or use the environment variables, and remove the claim that the agent cannot access keys directly.