lp-agent

SUSPICIOUS. The skill is internally consistent with its stated purpose and uses same-org official Hummingbot/Meteora infrastructure, so it does not look malicious. However, it enables autonomous financial actions, handles raw wallet private keys, mentions weak default credentials, and allows unpinned mutable images, making it high risk in operation even though the purpose-capability alignment is legitimate.