← 返回 Skills 市场

Moltrade 1.0.9

Name: Moltrade 1.0.9
Author: zhouhuihui008

作者 zhouhuihui008 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install moltrade-1-0-9

功能描述

Operate the Moltrade trading bot (config, backtest, test-mode runs, Nostr signal broadcast, exchange adapters, strategy integration) in OpenClaw.

安全使用建议

Before installing or using this skill, consider the following: 1) The bot requires sensitive credentials (exchange API keys, Nostr private key) but the skill metadata doesn’t declare them — expect the agent to prompt you for secrets at runtime. 2) Never paste private wallet keys; follow the SKILL.md advice to run initialization yourself and keep private keys local. 3) If asked to provide API keys, prefer testnet keys first, minimize permissions (no withdrawals), and enable IP whitelisting on exchange accounts. 4) Ask where and how the agent will store API keys (encrypted system keyring vs plain file). If the agent cannot explain, do not provide keys. 5) Inspect the cloned repository and requirements.txt before running pip or main.py (run in an isolated environment or VM). 6) For live trading, run extensive tests in test mode and review logs; do not allow the agent to autonomously switch to live without explicit, manual approval. 7) If you need a simpler, lower-risk interaction, use only the documented read-only features (backtest with redacted config) and avoid giving credentials to the agent.

功能分析

Type: OpenClaw Skill Name: moltrade-1-0-9 Version: 1.0.0 The skill bundle provides instructions for 'Moltrade,' an automated trading bot with support for Binance, Uniswap, and Polymarket. The instructions are highly security-conscious, explicitly directing the AI agent to never handle private keys, to mask API keys in all outputs, and to require explicit user confirmation ('CONFIRM') before executing live trades (SKILL.md, binance/spot/SKILL.md). The bundle includes detailed API documentation and agent behavior guidelines that align with the stated purpose of trading and social signal broadcasting. No evidence of data exfiltration, malicious execution, or prompt injection was found across the core files or the Binance Square integration (binance/square-post/SKILL.md).

能力评估

ℹ Purpose & Capability

Name/description match the instructions: it’s an operator guide for a Python trading bot and correctly requires python/pip. However, the bot’s functionality clearly needs exchange API keys and Nostr private keys, yet the skill metadata declares no required env vars/credentials — a partial mismatch between claimed capability and declared requirements.

⚠ Instruction Scope

SKILL.md instructs the agent about installing, backtesting, test/live runs and broadcasting signals. It explicitly tells the agent not to handle wallet private keys and to ask the user to run `python main.py --init` themselves, which is good. But other parts (especially the included binance/square-post sub-skill docs) say the agent will prompt for API keys and 'store' them securely — that expands the agent’s scope into collecting and persisting sensitive secrets without the skill declaring how/where that happens.

✓ Install Mechanism

Instruction-only skill with no install spec or embedded executables. It references cloning the public GitHub repo and running pip install for requirements and third-party packages (e.g., binance-sdk-spot). These are expected for this use case and are low-risk from the skill packaging perspective, but the user should still vet upstream packages and the repo code before executing.

⚠ Credentials

Operating the bot requires multiple sensitive credentials (Binance API key/secret, Square OpenAPI key, Nostr nsec/private key, possibly exchange testnet/mainnet toggles), but requires.env and primary credential are empty. That omission is disproportionate and ambiguous — the skill may prompt for keys at runtime or persist them, but it does not declare or limit which secrets it will request or where they will be stored.

ℹ Persistence & Privilege

always:false and no install-time persistence are appropriate. However the documentation suggests the agent may 'store' API keys for later use (binance/square-post text), creating potential persistent credentials associated with the agent. Autonomous invocation is allowed (platform default) and would increase risk if credentials are later supplied and stored.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install moltrade-1-0-9
安装完成后，直接呼叫该 Skill 的名称或使用 /moltrade-1-0-9 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Moltrade 1.0.0 — Initial Release - Launches a decentralized, automated trading bot for OpenClaw, with support for strategy execution, copy trading, and encrypted signal sharing via Nostr. - Features local key self-hosting for improved user security—no keys leave your machine. - Enables one-click copy trading, OpenClaw strategy integration, and seamless config management. - Adds Binance Spot exchange support via the binance-sdk-spot adapter. - Supports backtesting, test/live trading modes, and encrypted signal broadcasting. - Comprehensive setup, config, and usage documentation included.

元数据

Slug moltrade-1-0-9

版本 1.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 1

常见问题

Moltrade 1.0.9 是什么？

Operate the Moltrade trading bot (config, backtest, test-mode runs, Nostr signal broadcast, exchange adapters, strategy integration) in OpenClaw. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 87 次。

如何安装 Moltrade 1.0.9？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install moltrade-1-0-9」即可一键安装，无需额外配置。

Moltrade 1.0.9 是免费的吗？

是的，Moltrade 1.0.9 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Moltrade 1.0.9 支持哪些平台？

Moltrade 1.0.9 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Moltrade 1.0.9？

由 zhouhuihui008（@zhouhuihui008）开发并维护，当前版本 v1.0.0。