trading-futures

Warn

Audited by Socket on Feb 15, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Credential file access detected

All findings:

[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill's declared purpose and capabilities are internally consistent for a leveraged futures trading agent: it legitimately requires API keys and a private key to sign orders and transfers. However, the capability set is high-privilege (placing orders, changing leverage, transfers/withdrawals, close-all) and the documentation lacks visible safeguards (withdrawal whitelists, confirmation steps, least-privilege guidance, explicit use of official endpoints). No direct indicators of malware or obfuscated code are present in this documentation, but the attack surface is large: stolen or leaked credentials, or a compromised implementation, would allow immediate trading or withdrawal of funds. Recommend treating this as legitimately functional but high-risk: require strong safeguards (use testnet keys, least-privilege API keys, disable withdrawals where possible, require manual confirmation for destructive actions, audit network endpoints in the implementation) and perform a code-level review of the client implementations to verify they call only official exchange APIs and do not exfiltrate credentials.

LLM verification: This skill's declared capabilities (placing leveraged futures trades, querying balances, managing positions across multiple exchanges) require the sensitive credentials it requests; that is consistent with its purpose. There is no explicit sign of obfuscation or intentionally malicious code in the provided documentation. However, the need for raw private keys and full-exchange API keys combined with powerful global commands (e.g., close-all) creates a significant operational security risk if the

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 15, 2026, 04:30 AM
Package URL
pkg:socket/skills-sh/alsk1992%2FCloddsBot%2Ftrading-futures%2F@2554e056cc3a41f9c13a64048301ae15c14d35fa