aicoin-freqtrade
Warn
Audited by Socket on Apr 23, 2026
1 alert found:
Security: MEDIUM
scripts/ft-deploy.mjs
No clear signs of classic malware (backdoor, keylogging, reverse shell, explicit exfiltration) are present. However, there are significant supply-chain/bootstrap and injection risks: (1) runtime remote script execution via `curl | sh` for uv installation, (2) command injection risk from `execSync` with shell-interpolated environment variables (notably `proxyPrefix` from `PROXY_URL` without quoting), and (3) code-generation-to-execution risk where user-supplied params (potentially `entry_logic`/`exit_logic`) can embed into generated Python strategy code that is later executed by Freqtrade. This module should be reviewed and hardened before use, especially in untrusted environments.
Confidence: 74%
Severity: 78%
Audit Metadata