← Back to Skills Marketplace
Kraken Exchange
by
beknar.askarov
· GitHub ↗
· v0.3.2
567
Downloads
0
Stars
0
Active Installs
8
Versions
Install in OpenClaw
/install tentactl
Description
Interact with the Kraken cryptocurrency exchange — spot + futures, REST + WebSocket. Use when: (1) checking crypto prices or market data, (2) viewing account...
Usage Guidance
This skill is internally consistent and appears to do what it claims, but you should: (1) only install or run it if you trust the tentactl binary/repo (inspect source or use official GitHub Releases), since the wrapper delegates all action to that binary; (2) prefer creating least-privilege Kraken API keys (read-only for queries, narrow trading perms only when needed) and keep them in a secure vault; (3) be aware the setup script can read from your local 1Password CLI (it lists item titles and can reveal fields) — run it only on machines you control; (4) test trading actions with validate:true and explicit user confirmation (the SKILL.md recommends this); and (5) if you need higher assurance, review tentactl's source or build the binary locally rather than installing an unsigned release.
Capability Analysis
Type: OpenClaw Skill
Name: tentactl
Version: 0.3.2
This skill is classified as suspicious due to its inherent high-risk capabilities, including real-money trading, fund transfers, and withdrawals on a cryptocurrency exchange, as well as its method of installing and handling API keys. While the `SKILL.md` includes explicit 'Safety Rules' to mitigate prompt injection and ensure user confirmation for sensitive actions, the `cargo install tentactl` command in `SKILL.md` and `scripts/kraken.sh` represents a supply chain risk, as it executes an external binary (`tentactl`) which, if compromised, could lead to arbitrary code execution. Additionally, `scripts/setup-keys.sh` handles sensitive API keys, storing them in `~/.tentactl.env` and interacting with the 1Password CLI, which are sensitive operations that, while seemingly legitimate for setup, contribute to the overall risk profile.
Capability Assessment
Purpose & Capability
Name/description (Kraken spot + futures, REST + WS) match the requested binary (tentactl) and the KRAKEN_API_KEY/KRAKEN_API_SECRET environment variables. The included wrappers and docs all call tentactl and target Kraken endpoints — the requested pieces are proportionate to the stated purpose.
Instruction Scope
SKILL.md and scripts instruct the agent to run the tentactl MCP binary via scripts/kraken.sh and scripts/kraken.py, load ~/.tentactl.env for keys, and optionally use the provided setup-keys.sh to populate that file (including using the 1Password CLI). The instructions do not read unrelated system files or attempt to transmit secrets to unexpected endpoints; everything stays within Kraken/tentactl usage. Note: setup-keys.sh will enumerate and print 1Password item titles for user selection (local op CLI usage).
Install Mechanism
There is no platform-level install spec, but SKILL.md contains an 'install via cargo' recommendation (cargo install tentactl / GitHub Releases). Using cargo or GitHub releases is a reasonable install path. Because the skill delegates to an external binary, the security depends on the trustworthiness of the tentactl binary/repo; the skill itself does not fetch arbitrary archives or run downloads from untrusted URLs.
Credentials
Only KRAKEN_API_KEY and KRAKEN_API_SECRET are required for authenticated actions, which is appropriate. The scripts optionally respect KRAKEN_ENV_FILE and KRAKEN_MCP_BINARY but do not require unrelated credentials. Keys are written to ~/.tentactl.env (documented) with chmod 600 — reasonable but means the file contains long-lived credentials.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. It writes and reads only its own env file (~/.tentactl.env) and does not modify other skills or global agent settings. Autonomous invocation is allowed (platform default) but not combined with any unusual privileges here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tentactl - After installation, invoke the skill by name or use
/tentactl - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.3.2
Release v0.3.2
v0.3.1
Release v0.3.1
v0.3.0
10 new tools (114 total), comprehensive error handling, cleanup
v0.2.1
Release v0.2.1
v0.2.0
Release v0.2.0
v0.1.2
Address security scan concerns: declare credentials, env vars, file writes, network access, and binary source in metadata
v0.1.1
Release v0.1.1
v0.1.0
Initial release
Metadata
Frequently Asked Questions
What is Kraken Exchange?
Interact with the Kraken cryptocurrency exchange — spot + futures, REST + WebSocket. Use when: (1) checking crypto prices or market data, (2) viewing account... It is an AI Agent Skill for Claude Code / OpenClaw, with 567 downloads so far.
How do I install Kraken Exchange?
Run "/install tentactl" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Kraken Exchange free?
Yes, Kraken Exchange is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Kraken Exchange support?
Kraken Exchange is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Kraken Exchange?
It is built and maintained by beknar.askarov (@askbeka); the current version is v0.3.2.
More Skills