finlab

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The list contains mostly standard API/website endpoints (finlab.finance and a Cloudflare Worker) that are low-risk, but it also includes a direct shell installer (https://astral.sh/uv/install.sh) from an untrusted/unknown domain which is a high-risk pattern (remote .sh piped to sh), so the overall set is suspicious for distributing executable code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading/execution package for the Taiwan stock market and documents broker integrations and order execution APIs. In "Step 5: Execute Orders (Optional)" it shows importing SinopacAccount and OrderExecutor, converting backtest reports to live Position, creating orders (preview with view_only=True) and calling executor.create_orders() to actually execute orders. Those are specific, purpose-built functions to place trades against a brokerage account (i.e., move money / execute market orders). This meets the criteria for Direct Financial Execution.