lp-agent
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell scripts and Python subprocesses to manage local Docker containers and infrastructure.
deploy_hummingbot_api.shuses Docker Compose and Git to install and manage the Hummingbot API trading server.setup_gateway.shandmanage_gateway.pyinteract with the local API to start and configure the Hummingbot Gateway.deploy_hummingbot_api.shcreates a localsudoshim to facilitate command execution in restricted or containerized environments where thesudobinary may be missing.- [EXTERNAL_DOWNLOADS]: The skill fetches resources from trusted and well-known sources to support its primary function.
deploy_hummingbot_api.shclones the official Hummingbot API repository from GitHub (hummingbot/hummingbot-api).visualize_lp_positions.pygenerates an interactive HTML dashboard that loads standard libraries (React, Babel, Recharts) from Cloudflare's CDN (cdnjs.cloudflare.com).list_meteora_pools.pyandget_meteora_pool.pyquery the official Meteora DLMM API for market data.- [SAFE]: The skill follows security best practices for its intended use case.
add_wallet.pyuses thegetpassmodule to securely prompt for Solana private keys, ensuring sensitive credentials are not stored in shell command history.- All management scripts interact with the user's local Hummingbot instance via standard REST API calls with basic authentication.
- Data analysis scripts (
export_lp_positions.py,visualize_lp_positions.py) operate on local SQLite databases to process trading history.
Audit Metadata