llm-trading-agent-security
Warn
Audited by Snyk on Apr 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed for on-chain trading and transaction execution. It contains concrete crypto/blockchain operations and APIs: simulating and sending transactions via w3.eth.call and w3.eth.send_raw_transaction, signing transactions (account.sign_transaction), wallet key handling (Account.from_key with TRADING_WALLET_PRIVATE_KEY), RPC endpoints (flashbots RPC), and guidance for order placement, swaps, and treasury operations. Those are direct financial execution capabilities (signing/sending transactions and managing wallets), not generic tooling.
Issues (1)
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).