trading-system
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill imports functions from 'clodds/trading'. This package source is not recognized as a trusted organization or repository, introducing a potential supply chain risk where the library's internal behavior is unverified.
- [COMMAND_EXECUTION] (MEDIUM): The Custom Strategy API allows for the registration of executable functions like 'init' and 'evaluate'. This dynamic code execution capability presents a risk if the agent attempts to synthesize trading logic based on untrusted user instructions.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill has an attack surface for instructions embedded in external market data from platforms like Polymarket or Kalshi.
- Ingestion points: Market data processed via
getPortfolio,getStats, andgetDailyPnL(SKILL.md). - Boundary markers: No protective delimiters or 'ignore' instructions are documented for handling external strings.
- Capability inventory: The system can execute financial trades through an
executionServiceand write data to the local file system (trades.db). - Sanitization: No sanitization or validation logic is presented for market-sourced metadata before it is used in logic or display.
Audit Metadata