aicoin-freqtrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches external AiCoin Open API data (see lib/aicoin_data.py and lib/aicoin-api.mjs calling https://open.aicoin.com and SKILL.md's "ALWAYS actively use AiCoin data"), and those live API responses are read into strategies (e.g., _update_aicoin_data / populate_indicators) and directly influence trading decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The deploy script fetches and executes remote code at runtime — it runs curl -LsSf https://astral.sh/uv/install.sh | sh (executes a remote installer) and git clones https://github.com/freqtrade/freqtrade.git then runs the repository's setup.sh, so these URLs are runtime dependencies that execute remote code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for live cryptocurrency trading and bot deployment. It includes commands to deploy and run trading bots (ft-deploy.mjs deploy, ft.mjs start/stop/status, ft.mjs force_enter/force_exit), references an exchange trading integration (aicoin-trading) and requires exchange API keys (BINANCE_API_KEY / SECRET). The skill’s primary purpose is creating, backtesting, and deploying strategies that execute market orders in live/dry-run mode, so it provides direct financial execution capability.