Operate the Moltrade trading bot (config, backtest, test-mode runs, Nostr signal broadcast, exchange adapters, strategy integration) in OpenClaw.
Security Analysis
Confidence: medium. The skill is coherent with a trading-bot operator (backtests, test/live runs, nostr integration), but its runtime instructions explicitly allow delegating sensitive secrets (wallet/private keys, nsec) to an agent and having it run third-party code, which creates a real exfiltration/abuse risk that is not reflected in the registry metadata.
Name, description, and required binaries (python, pip) align with operating a Python-based trading bot, backtests, exchange adapters, and nostr signal broadcast. No unrelated services or credentials are requested in the registry metadata.
SKILL.md tells operators/agents to clone and run a GitHub repo, run pip installs, run main.py, and run the interactive init wizard that prompts for a relayer URL, wallet private key, and nostr nsec, and writes relayer_nostr_pubkey to config. It explicitly permits delegating the wizard to an agent if you 'trust it with the wallet key'; that delegation path lets an agent receive, persist, and act on sensitive secrets and execute third-party code. The instructions do advise caution but still leave wide discretion to the agent.
There is no automated install spec in the registry; SKILL.md recommends cloning from a GitHub repository (github.com/hetu-project/moltrade.git) and using pip to install requirements. Using an upstream GitHub repo and pip for a Python project is expected and proportionate; no obscure download URLs or archive extraction are included.
The registry declares no required environment variables or credentials, yet the runtime instructions require entering highly sensitive secrets (wallet private key, nostr nsec) into the repo's init workflow or CI/agent runs. That mismatch (no declared secrets but instructions to provide keys) is a red flag because it shifts sensitive input into interactive/agent-controlled flows rather than clearly declaring how secrets should be provided or protected.
The skill is not marked always:true and does not request system-wide config changes in the registry. However, because the instructions have the agent run a repo that writes relayer_nostr_pubkey and other config fields, an agent given authority could persist secrets/config locally. Autonomous agent invocation is also allowed (the default), which, combined with the instruction-level ability to accept keys, increases the blast radius; users should be careful about granting the agent rights to run the init wizard or CI jobs with real keys.
Guidance
This skill appears to be what it claims (a Python trading bot), but it explicitly expects handling of private keys and allows delegating the init/registration to an agent, which could let an agent receive, persist, or transmit your secrets. Before installing or delegating to an agent:
1) Do NOT give the agent your wallet private key, mnemonic, or nostr nsec unless you fully trust it. Run the init wizard locally and enter secrets only on a machine you control.
2) Review the upstream GitHub code (pin to a known commit) and inspect trader/main.py and SignalBroadcaster before running.
3) Use test mode and a funded test account or hardware wallet/emulator for live testing; never use real funds until you have audited code and behavior.
4) Avoid storing secrets in plaintext config files; prefer an encrypted keystore or hardware wallet.
5) If you must run in CI/agent, use ephemeral credentials, role-limited keys, isolate the runner (sandbox), and audit network endpoints (relayer URLs).
6) Consider having a security-savvy reviewer audit dependencies and any code that performs order placement or network broadcasts.
These steps reduce the real risk that an agent or third-party code could exfiltrate funds or secret keys.
Latest Release
v1.0.7
- Updated the main image in the documentation to a new background banner.
- Reformatted badge links and replaced the previous center-aligned layout.
- Switched the list of advantages from bullet points to numbered items for clarity.
- Minor formatting and visual improvements throughout the documentation.
Published by @ai-chen2050 on ClawHub