moon-dev-trading-agents
Audited by Socket on Feb 15, 2026
1 alert found:
Malware
This document describes a legitimate-seeming AI-driven crypto trading system whose requested capabilities and secrets are broadly consistent with its stated purpose. I found no explicit malicious code or hardcoded secrets in this text. However, there are multiple security concerns: execution of generated backtest code (rbi_agent) from external sources without mandated sandboxing, broad requirement for many sensitive keys in .env, lack of explicit guarantees that LLM and exchange calls use official endpoints (possibility of intermediaries), and instructions that encourage adding packages directly to the runtime. These design choices increase the supply-chain and operational risk. Recommendation: treat the project as high-risk operationally; require code review of agent implementations, enforce sandboxing for executing generated code, vet all third-party packages, and ensure ModelFactory uses official provider endpoints (no proxies).