aster-bot-trading

Fail

Audited by Snyk on Apr 28, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.85). These URLs point to an unvetted GitHub repository and associated exchange API domains. They are not direct binaries, but they instruct you to run Node.js code that requires private keys and live-trading access, making them high-risk for credential or fund theft unless the repository, hosts and authors are independently verified.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill consumes public exchange data and API responses (WebSocket market data from wss://fstream.asterdex.com in src/ws/marketData.ts and REST calls to https://fapi.asterdex.com in src/execution/orderManager.ts and config). Those untrusted third-party messages are parsed and directly drive trading signals and order placement, so they can materially influence the agent's actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for AsterDEX perpetual futures and contains concrete, purpose-built functions and API integrations to execute financial transactions. Evidence:
    • src/execution/orderManager.ts implements placeOrder, which signs requests with the API secret and POSTs to the exchange REST endpoint (/fapi/v1/order). This is direct order submission.
    • setLeverage posts to /fapi/v1/leverage to change account leverage (manages margin settings and adjusts risk).
    • Configuration requires ASTER_API_KEY, ASTER_API_SECRET and TRADING_WALLET_PRIVATE_KEY and has a MODE=live switch that causes real orders to be placed (dry-run vs live).
    • The code includes order parameter semantics (MARKET/LIMIT, BUY/SELL, quantity, price) and error handling for failed orders. These are specific, non-generic financial execution capabilities (sending transactions, modifying leverage) rather than generic tooling like a browser or HTTP client.

Issues (3)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 28, 2026, 08:21 AM
Issues: 3