What is the setup skill for Crypto Trading Desk?

It runs once after installation to detect your environment, install uv and Python dependencies, create data directories, and verify that MCP servers start correctly.

What if uv or dependencies fail to install?

Follow the guidance in Step 2: install uv for your OS, ensure PATH access, and retry uv sync with or without --frozen as recommended.

Do I need to rerun setup after upgrades?

The setup is intended for first-time configuration. Re-run only if you move the plugin root, change the environment, or need to re-verify MCP servers.

setup

Flagged

{"isSafe":false,"isSuspicious":true,"riskLevel":"high","findings":[{"category":"shell_command","severity":"high","description":"Remote installation commands that pipe fetched content to a shell (curl ... | sh) and a PowerShell equivalent (Invoke-Expression) from an untrusted domain. This enables executing arbitrary code on the user's machine.","evidence":"curl -LsSf https://astral.sh/uv/install.sh | sh\npowershell -ExecutionPolicy ByPass -c \"irm https://astral.sh/uv/install.ps1 | iex\""},{"category":"suspicious_url","severity":"high","description":"Install scripts fetched from an unfamiliar domain (astral.sh); potential supply-chain or malware risk if the source is compromised.","evidence":"https://astral.sh/uv/install.sh\nhttps://astral.sh/uv/install.ps1"},{"category":"shell_command","severity":"high","description":"PowerShell command uses ByPass execution policy and Invoke-Expression (iex) to run remote code, bypassing usual security checks.","evidence":"powershell -ExecutionPolicy ByPass -c \"irm https://astral.sh/uv/install.ps1 | iex\""},{"category":"shell_command","severity":"medium","description":"Privilege escalation path via sudo to create a system-wide symlink (sudo ln -sf ~/.local/bin/uv /usr/local/bin/uv); script also instructs to retry with sudo, which could press users into elevated rights.","evidence":"sudo ln -sf ~/.local/bin/uv /usr/local/bin/uv\nIf the user declines sudo, tell them to restart their terminal and try again."},{"category":"other","severity":"low","description":"No integrity verification (signatures/checksums) shown for downloaded install scripts; reliance on remote scripts without verification increases tampering risk.","evidence":"Install scripts are executed directly from the remote URL with curl|sh and PowerShell IEX, but there is no checksum/signature verification shown."}],"summary":"The skill contains multiple high-risk remote installation patterns (curl | sh and PowerShell IEX) from an untrusted domain, including bypassing PowerShell security and suggesting sudo-based privilege elevation. This presents remote code execution and supply-chain risks. Recommend eliminating direct curl/iex-style remote installs, validating integrity (signatures/checksums), using signed installers from trusted sources, avoiding ExecutionPolicy ByPass, and providing controlled, local setup steps with clear verification. "}

npx machina-cli add skill hugoguerrap/crypto-claude-desk/setup --openclaw

Files (1)

SKILL.md

2.8 KB

Crypto Trading Desk - Setup

Run environment detection and dependency setup. This skill makes the plugin work on any platform.

Workflow

Step 1: Detect Environment

Run these checks in parallel using Bash:

uname -s (or ver on Windows) to detect OS
python3 --version or python --version to check Python
which uv or where uv to check if uv is installed
Check if .venv directory exists in the plugin root
Check if data/db/ directory exists

Step 2: Install uv (if missing)

Based on detected OS:

macOS / Linux:

curl -LsSf https://astral.sh/uv/install.sh | sh

Windows (PowerShell):

powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"

After installing, verify uv is accessible. If it's installed to ~/.local/bin/ but not in PATH (common on macOS GUI apps), offer to create a symlink:

sudo ln -sf ~/.local/bin/uv /usr/local/bin/uv

If the user declines sudo, tell them to restart their terminal and try again.

Step 3: Install Python dependencies

uv sync --project <plugin_root>

This creates .venv/ and installs all packages from uv.lock (fastmcp, ccxt, numpy, pandas, requests).

If uv sync fails, try without --frozen:

uv sync --project <plugin_root>

Step 4: Create data directories

mkdir -p data/trades data/reports data/logs data/db .claude/agent-memory/portfolio-manager

The SQLite database (data/db/learning.db) is created automatically by the crypto-learning-db MCP server on first use. No manual initialization needed.

Step 5: Verify MCP servers work

Test that one MCP server can start by running:

uv run --frozen --project <plugin_root> python -c "import fastmcp; import ccxt; import numpy; import pandas; print('OK')"

If this fails, diagnose and fix. Common issues:

Python version too old → tell user to install Python 3.11+
Missing system dependencies → platform-specific guidance

Step 6: Check recommended settings

Read ~/.claude/settings.json and check if MCP tool permissions are allowed.

If not, show the user what to add and offer to configure it.

Step 7: Report

Present a clear status report:

Crypto Trading Desk - Setup Complete

  OS:           macOS 15.3 (arm64)
  Python:       3.12.8
  uv:           0.6.13
  Dependencies: 5/5 installed
  MCP Servers:  7/7 ready
  Data dirs:    Created
  Database:     SQLite ready ($20,000 paper trading)

  Ready to use:
    /crypto-trading-desk:quick BTC     (fast market check)
    /crypto-trading-desk:analyze ETH   (full 5-agent analysis)

If anything failed, show exactly what went wrong and how to fix it.

Source

git clone https://github.com/hugoguerrap/crypto-claude-desk/blob/main/skills/setup/SKILL.mdView on GitHub

Overview

First-time setup for Crypto Trading Desk. It detects your platform, installs uv and Python dependencies, creates required data directories, and verifies that MCP servers start correctly. Run this once after installing the plugin to ensure the environment is ready.

How This Skill Works

It runs a guided workflow that detects OS and Python version, ensures uv is installed, and then uses uv sync to install dependencies into a local virtual environment. It also creates data directories (data/trades, data/reports, data/logs, data/db, and others) and performs a test MCP server start to verify everything is functioning.

When to Use It

After installing the plugin on a new machine to initialize the environment
When the system reports missing dependencies or a missing uv binary
After an OS or Python upgrade that could affect paths or versions
When migrating the plugin root or moving to a new workstation
When you want to confirm MCP servers start and all data directories exist

Quick Start

Step 1: Detect the environment and verify prerequisites
Step 2: Install uv and install Python dependencies with uv sync
Step 3: Create data directories and verify MCP servers with a test command

Best Practices

Run the setup once after installation and document the outcome
Ensure internet access for uv installation and dependency syncing
Use a compatible Python version (3.11+) as recommended
Execute from the plugin root directory to detect correct paths
Review ~/.claude/settings.json and adjust MCP permissions if prompted

Example Use Cases

macOS (arm64) with Python 3.12.x and uv 0.6.x completes setup and reports MCPs ready
Windows 10/11 with PowerShell, uv installed via the provided script and dependencies synced
Ubuntu 22.04 server performs environment check and creates data/trades, data/db initialized automatically
New developer workstation moves the plugin root and setup creates required data dirs automatically
Post-install verification shows OK for the MCP servers and a sample ready command displayed

Frequently Asked Questions

Add this skill to your agents