aicoin-freqtrade
Fail
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The file `lib/defaults.json` contains hardcoded `accessKeyId` and `accessSecret` credentials used for authenticating with the AiCoin API.
- [EXTERNAL_DOWNLOADS]: The skill fetches the `uv` Python environment manager from `astral.sh` and clones the official Freqtrade trading bot repository from GitHub to facilitate deployment.
- [REMOTE_CODE_EXECUTION]: The deployment script executes a remote installation shell script for `uv` via a `curl | sh` command pattern and runs the `setup.sh` script from the cloned Freqtrade repository source.
- [COMMAND_EXECUTION]: The `scripts/ft-deploy.mjs` script manages the trading bot by executing system commands for environment configuration and process control. It also dynamically generates Python strategy scripts by interpolating user-provided technical indicators into a code template.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection.
  - Ingestion points: Market data and signals are ingested from the AiCoin API through the `aicoin_data.py` SDK.
  - Boundary markers: No explicit boundary markers or instructions are used to separate API data from strategy logic.
  - Capability inventory: The skill can execute system commands and manage local strategy files via `ft-deploy.mjs`.
  - Sanitization: Sanitization is implemented for strategy class names to prevent invalid Python identifier injection.
Recommendations
- AI detected serious security threats
Audit Metadata